From aee14793f4e9664f08c88580e93cdfa7e42c8593 Mon Sep 17 00:00:00 2001
From: Alex <aleksandrosansan@gmail.com>
Date: Thu, 8 Dec 2022 20:16:40 +0200
Subject: [PATCH] build: harden rust.yml permissions

Signed-off-by: Alex <aleksandrosansan@gmail.com>
---
 .github/workflows/rust.yml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml
index a8ac46f7..09b88e59 100644
--- a/.github/workflows/rust.yml
+++ b/.github/workflows/rust.yml
@@ -9,8 +9,12 @@ on:
 env:
   CARGO_TERM_COLOR: always
 
+permissions: {}
 jobs:
   build:
+    permissions:
+      contents: read #  to fetch code (actions/checkout)
+
     runs-on: ${{ matrix.os }}
     strategy:
       matrix: