Separate ~/.cargo/credentials

[tarcieri]

Originally from: rust-lang/crates.io#78

Right now the crates.io API token used by cargo is stored in the [registry.token] section of ~/.cargo/config (which, as it were, has 644 file permissions by default, i.e. world readable)

I think it would make more sense to separate credentials into a separate file (e.g. ~/.cargo/credentials or ~/.cargo/token) which always has 600 file permissions and will warn or not function if the permissions are too loose

Some precedent here is RubyGems, which stores its equivalent credentials in a ~/.gem/credentials file, which always has 600 permissions

[alexcrichton]

Sounds like a good idea to me!

[kmcallister]

This is a pretty big deal!

As another data point, OpenSSH will refuse to run if your file permissions aren't on point.

[sfackler]

I think this can be closed.

[tarcieri]

Nice! Glad to see this ship.