I was reading this Reddit post about how someone accidentally deleted files in their /.fscrypt/ directory, and I was wondering if we could make this harder to do.
One method might be explicitly making the files have permissions of 0400 instead of 0600, and then just chmod-ing them when we need to either destroy metadata or update a policy file when we add/update a protector.
Alternatively (or additionally), we could change the file attributes to mark the metadata files as immutable.
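A sketch of the 0400 idea, added here as an example and not part of the original post or fscrypt's own code. The helper `writeReadOnly`, the scratch directory and the `policy` file name are assumptions; the helper replaces the file by writing a temporary file and renaming it, so the live file never has to be chmod-ed back to writable.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
)

// writeReadOnly creates or replaces path, leaving it at mode 0400. The data
// goes to a temp file in the same directory that is renamed over path, so the
// live file never has to be made writable (hypothetical helper).
func writeReadOnly(path string, data []byte) error {
	tmp, err := os.CreateTemp(filepath.Dir(path), ".tmp-*")
	if err != nil {
		return err
	}
	defer os.Remove(tmp.Name()) // fails harmlessly once the rename succeeded
	if _, err = tmp.Write(data); err == nil {
		err = tmp.Chmod(0400) // the mode proposed in the post
	}
	if cerr := tmp.Close(); err == nil {
		err = cerr
	}
	if err != nil {
		return err
	}
	return os.Rename(tmp.Name(), path)
}

func main() {
	dir, err := os.MkdirTemp("", "metadata-demo") // constructed scratch directory
	if err != nil {
		panic(err)
	}
	defer os.RemoveAll(dir)
	path := filepath.Join(dir, "policy") // constructed file name
	for _, v := range []string{"v1", "v2"} { // create, then update
		if err := writeReadOnly(path, []byte(v)); err != nil {
			panic(err)
		}
	}
	fi, err := os.Stat(path)
	if err != nil {
		panic(err)
	}
	fmt.Printf("mode after update: %04o\n", fi.Mode().Perm())
	// Unlinking is governed by the directory's permissions, not the file's.
	fmt.Println("remove error:", os.Remove(path))
}
```

The final `os.Remove` succeeds even though the file is 0400, because deletion is checked against the containing directory. The immutable attribute, by contrast, blocks both unlink and rename until the flag is cleared, so a rename-based update like this one would have to clear it first.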