fix(amazonq): set owner-only permissions for chat history, prompts #6961

## Problem
Chat history and saved prompt files are created with default global read
permissions

## Solution
Add owner only read/write permissions to newly created saved prompt and
chat history files

Author: avi-alpert

packages/amazonq/.changes/next-release/Bug Fix-b6e474f1-b7ef-4016-8e1c-c9e7e6a45cc2.json

@@ -0,0 +1,4 @@
+{
+	"type": "Bug Fix",
+	"description": "Amazon Q Chat: Set owner-only permissions for chat history and saved prompt files"
+}

packages/core/src/codewhispererChat/controllers/chat/controller.ts

@@ -638,7 +638,7 @@ export class ChatController {
                 title ? `${title}${promptFileExtension}` : `default${promptFileExtension}`
             )
             const newFileContent = new Uint8Array(Buffer.from(''))
-            await fs.writeFile(newFilePath, newFileContent)
+            await fs.writeFile(newFilePath, newFileContent, { mode: 0o600 })
             const newFileDoc = await vscode.workspace.openTextDocument(newFilePath)
             await vscode.window.showTextDocument(newFileDoc)
             telemetry.ui_click.emit({ elementId: 'amazonq_createSavedPrompt' })

packages/core/src/shared/db/chatDb/util.ts

@@ -142,7 +142,7 @@ export class FileSystemAdapter implements LokiPersistenceAdapter {
             await this.ensureDirectory()
             const filename = path.join(this.directory, dbname)
 
-            await fs.writeFile(filename, dbstring, 'utf8')
+            await fs.writeFile(filename, dbstring, { mode: 0o600, encoding: 'utf8' })
             callback(undefined)
         } catch (err: any) {
             callback(err)