Holocron SQLite Database Directory Created with World-Readable Permissions (0755)
A security vulnerability in the Holocron application's SQLite storage layer creates its database directory with overly permissive, world-readable permissions. The flaw is in the `New()` function in `internal/store/sqlite/sqlite.go`, which explicitly requests `0755` permissions when it creates the directory. This setting allows any other user on a multi-user system to list the contents of the `~/.holocron/` directory, exposing the names of the database and configuration files.
The risk is not merely theoretical. While a user's restrictive default `umask` might currently mitigate the issue, the code's explicit request for `0755` means the vulnerability will be fully realized on systems with a common, more permissive `umask` setting like `0022`. In such an environment, the directory is created as world-readable, enabling local reconnaissance. This could be a precursor to further data access if the SQLite database file is itself created with permissive permissions.
This file permission weakness represents a clear medium-severity exposure. It undermines the principle of least privilege for local data storage, potentially leaking metadata about a user's Holocron activity. The fix requires changing the permission argument in the `os.MkdirAll` call from `0o755` to the secure, user-only `0o700` to ensure the directory is never accessible to other local users.
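The fix described above, as an added Go example that is not Holocron's own code: `exposedBits`, `ensurePrivateDir` and `must` are hypothetical names, and a temporary directory stands in for `~/.holocron/`. It goes one step past the one-argument change, because `os.MkdirAll` does not alter the mode of a directory that already exists, so a directory created by an earlier `0755` build stays exposed unless it is tightened explicitly.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
)

// exposedBits returns the group/other permission bits set on dir; non-zero
// means other local users have some access (0o755 yields 0o055).
func exposedBits(dir string) (os.FileMode, error) {
	info, err := os.Stat(dir)
	if err != nil {
		return 0, err
	}
	return info.Mode().Perm() & 0o077, nil
}

// ensurePrivateDir (hypothetical helper) creates dir as 0o700 and tightens a
// directory that already exists, since MkdirAll leaves existing modes alone.
func ensurePrivateDir(dir string) error {
	if err := os.MkdirAll(dir, 0o700); err != nil {
		return err
	}
	if bits, err := exposedBits(dir); err != nil || bits == 0 {
		return err
	}
	return os.Chmod(dir, 0o700)
}

func must(err error) {
	if err != nil {
		panic(err)
	}
}

func main() {
	base, err := os.MkdirTemp("", "holocron-demo-")
	must(err)
	defer os.RemoveAll(base)
	// Constructed stand-in for a directory left by a 0o755 build (umask-proof).
	legacy := filepath.Join(base, ".holocron")
	must(os.Mkdir(legacy, 0o755))
	must(os.Chmod(legacy, 0o755))
	before, _ := exposedBits(legacy)
	must(ensurePrivateDir(legacy))
	after, _ := exposedBits(legacy)
	fmt.Printf("exposed bits before=%04o after=%04o\n", before, after)
}
```

The same `exposedBits` check can be run against an existing installation's directory to confirm whether it was created by an affected build.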