[JENKINS-73305] Create .ssh directory with owner only permissions

When the JGit implementation needs to create a `.ssh` directory, create
it with permissions only allowing access to the directory owner.  That is
the common pattern used by the OpenSSH project and by POSIX systems to
reduce access to the sensitive information stored in the directory.

Testing done

Ran the CredentialsTest in a debugger with a configured 'auth-data`
directory and confirmed that the modified lines are executed on my
RHEL 8 development computer.  Confirmed that the resulting directory
permissions were read, write, and execute for only the owner, with no
other permissions.

Author: MarkEWaite

src/main/java/org/jenkinsci/plugins/gitclient/JGitAPIImpl.java

@@ -42,6 +42,9 @@
 import java.nio.file.Files;
 import java.nio.file.Path;
 import java.nio.file.Paths;
+import java.nio.file.attribute.FileAttribute;
+import java.nio.file.attribute.PosixFilePermission;
+import java.nio.file.attribute.PosixFilePermissions;
 import java.security.GeneralSecurityException;
 import java.util.ArrayList;
 import java.util.Arrays;
@@ -201,10 +204,22 @@ public class JGitAPIImpl extends LegacyCompatibleGitAPIImpl {
     public SshdSessionFactory buildSshdSessionFactory(@NonNull final HostKeyVerifierFactory hostKeyVerifierFactory) {
         if (Files.notExists(hostKeyVerifierFactory.getKnownHostsFile().toPath())) {
             try {
-                Files.createDirectories(hostKeyVerifierFactory
-                        .getKnownHostsFile()
-                        .getParentFile()
-                        .toPath());
+                if (isWindows()) {
+                    Files.createDirectories(hostKeyVerifierFactory
+                            .getKnownHostsFile()
+                            .getParentFile()
+                            .toPath());
+                } else {
+                    Set<PosixFilePermission> ownerOnly = PosixFilePermissions.fromString("rwx------");
+                    FileAttribute<Set<PosixFilePermission>> fileAttribute =
+                            PosixFilePermissions.asFileAttribute(ownerOnly);
+                    Files.createDirectories(
+                            hostKeyVerifierFactory
+                                    .getKnownHostsFile()
+                                    .getParentFile()
+                                    .toPath(),
+                            fileAttribute);
+                }
                 Files.createFile(hostKeyVerifierFactory.getKnownHostsFile().toPath());
             } catch (IOException e) {
                 LOGGER.log(Level.SEVERE, "could not create known hosts file", e);
@@ -3231,4 +3246,9 @@ public void close() {
             }
         }
     }
+
+    /** inline ${@link hudson.Functions#isWindows()} to prevent a transient remote classloader issue */
+    private static boolean isWindows() {
+        return File.pathSeparatorChar == ';';
+    }
 }