Make the root directory of the persistence non-world-readable
Things like #7443 (closed) would not be an issue if had e.g. permissions 0770. What prevents us from doing this?

The dotfiles feature, however, requires the amnesia user to at least have x (traverse) access to this directory, which we could grant via ACLs. Apart from that, the persistent directories are bind-mounted to places that this user can read.
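The permission model sketched above (root directory mode 0770, plus an execute-only ACL entry so one unprivileged user can still traverse it) can be expressed as a small shell helper. This is an added example, not code from the Tails project or the issue; the directory path and the user name are caller-supplied assumptions, and the ACL step relies on `setfacl`/`getfacl` from the usual acl package.

```shell
# Added example (not Tails code): restrict a persistence root directory to
# its owner and group, then grant one extra user traverse-only access via a
# POSIX ACL, so paths below it (e.g. "$dir/dotfiles/.bashrc") still resolve
# for that user while the root itself can neither be listed nor read.
# Assumed inputs: $1 = directory, $2 = user to receive the x-only entry.
# Returns 0 on full success, 2 if the mode was set but the filesystem
# refused the ACL, 1 on any other failure.
harden_persistence_root() {
    dir="$1"
    traverse_user="$2"

    # Owner and group keep full access; "other" gets nothing (0770).
    chmod 0770 "$dir" || return 1

    # Execute-only entry: enter the directory, but no read (list) or write.
    if command -v setfacl >/dev/null 2>&1; then
        setfacl -m "u:${traverse_user}:--x" "$dir" || return 2
    else
        return 2
    fi
    return 0
}

# Print the octal permission bits of a path (GNU stat, BSD stat fallback).
mode_of() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Succeed (return 0) only if "other" still has any permission bit set.
world_accessible() {
    m=$(mode_of "$1")
    last="${m#${m%?}}"   # last octal digit = "other" bits
    [ "$last" != "0" ]
}

# Succeed only if the named user has exactly an execute-only ACL entry.
has_traverse_acl() {
    getfacl -p "$1" 2>/dev/null | grep -q "^user:$2:--x\$"
}
```

Usage: `harden_persistence_root /path/to/persistence amnesia`, then `world_accessible` should fail and `has_traverse_acl /path/to/persistence amnesia` should succeed. The mode reported by `stat` stays 770 after the ACL is added because the group bits are reused as the ACL mask, which still covers the new user's x bit.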