diff --git a/src/common/os_input_output.rs b/src/common/os_input_output.rs
index 9e19f0ee..5539ae70 100644
--- a/src/common/os_input_output.rs
+++ b/src/common/os_input_output.rs
@@ -15,15 +15,22 @@ use nix::sys::termios;
 use nix::sys::wait::waitpid;
 use nix::unistd::{self, ForkResult, Pid};
 use signal_hook::{consts::signal::*, iterator::Signals};
-use std::env;
-use std::io;
 use std::io::prelude::*;
-use std::os::unix::io::RawFd;
-use std::path::PathBuf;
+use std::os::unix::{fs::PermissionsExt, io::RawFd};
+use std::path::{Path, PathBuf};
 use std::process::{Child, Command};
 use std::sync::{Arc, Mutex};
+use std::{env, fs, io};
 use zellij_tile::data::Palette;
 
+const UNIX_PERMISSIONS: u32 = 0o700;
+
+pub fn set_permissions(path: &Path) {
+    let mut permissions = fs::metadata(path).unwrap().permissions();
+    permissions.set_mode(UNIX_PERMISSIONS);
+    fs::set_permissions(path, permissions).unwrap();
+}
+
 fn into_raw_mode(pid: RawFd) {
     let mut tio = termios::tcgetattr(pid).expect("could not get terminal attribute");
     termios::cfmakeraw(&mut tio);
@@ -373,11 +380,11 @@ impl ClientOsApi for ClientOsInputOutput {
         }
     }
     fn connect_to_server(&self) {
-        let socket = match LocalSocketStream::connect(ZELLIJ_IPC_PIPE.clone()) {
+        let socket = match LocalSocketStream::connect(&**ZELLIJ_IPC_PIPE) {
             Ok(sock) => sock,
             Err(_) => {
                 std::thread::sleep(std::time::Duration::from_millis(20));
-                LocalSocketStream::connect(ZELLIJ_IPC_PIPE.clone()).unwrap()
+                LocalSocketStream::connect(&**ZELLIJ_IPC_PIPE).unwrap()
             }
         };
         let sender = IpcSenderWithContext::new(socket);
diff --git a/src/common/screen.rs b/src/common/screen.rs
index c5e4f9a5..562b0ffe 100644
--- a/src/common/screen.rs
+++ b/src/common/screen.rs
@@ -79,7 +79,7 @@ pub struct Screen {
     full_screen_ws: PositionAndSize,
     /// The index of this [`Screen`]'s active [`Tab`].
     active_tab_index: Option<usize>,
-    /// The [`ClientOsApi`] this [`Screen`] uses.
+    /// The [`ServerOsApi`] this [`Screen`] uses.
     os_api: Box<dyn ServerOsApi>,
     mode_info: ModeInfo,
     input_mode: InputMode,
diff --git a/src/common/setup.rs b/src/common/setup.rs
index 70e0ded4..edfa858a 100644
--- a/src/common/setup.rs
+++ b/src/common/setup.rs
@@ -1,9 +1,9 @@
-use crate::common::utils::consts::SYSTEM_DEFAULT_CONFIG_DIR;
+use crate::common::utils::consts::{SYSTEM_DEFAULT_CONFIG_DIR, VERSION};
+use crate::os_input_output::set_permissions;
 use directories_next::{BaseDirs, ProjectDirs};
 use std::io::Write;
 use std::{fs, path::Path, path::PathBuf};
 
-const VERSION: &str = env!("CARGO_PKG_VERSION");
 const CONFIG_LOCATION: &str = "/.config/zellij";
 
 #[macro_export]
@@ -40,7 +40,9 @@ pub mod install {
 
         for (path, bytes) in assets {
             let path = data_dir.join(path);
-            fs::create_dir_all(path.parent().unwrap()).unwrap();
+            let parent_path = path.parent().unwrap();
+            fs::create_dir_all(parent_path).unwrap();
+            set_permissions(parent_path);
             if out_of_date || !path.exists() {
                 fs::write(path, bytes).expect("Failed to install default assets!");
             }
diff --git a/src/common/utils/consts.rs b/src/common/utils/consts.rs
index 4c219fed..a46f8243 100644
--- a/src/common/utils/consts.rs
+++ b/src/common/utils/consts.rs
@@ -1,5 +1,6 @@
 //! Zellij program-wide constants.
 
+use crate::os_input_output::set_permissions;
 use directories_next::ProjectDirs;
 use lazy_static::lazy_static;
 use nix::unistd::Uid;
@@ -8,6 +9,7 @@ use std::{env, fs};
 
 pub const ZELLIJ_CONFIG_FILE_ENV: &str = "ZELLIJ_CONFIG_FILE";
 pub const ZELLIJ_CONFIG_DIR_ENV: &str = "ZELLIJ_CONFIG_DIR";
+pub const VERSION: &str = env!("CARGO_PKG_VERSION");
 
 // TODO: ${PREFIX} argument in makefile
 pub const SYSTEM_DEFAULT_CONFIG_DIR: &str = "/etc/zellij";
@@ -18,7 +20,6 @@ lazy_static! {
     pub static ref ZELLIJ_PROJ_DIR: ProjectDirs =
         ProjectDirs::from("org", "Zellij Contributors", "Zellij").unwrap();
     pub static ref ZELLIJ_IPC_PIPE: PathBuf = {
-        let version = env::var("CARGO_PKG_VERSION").unwrap();
         let mut ipc_dir = env::var("ZELLIJ_SOCKET_DIR").map_or_else(
             |_| {
                 ZELLIJ_PROJ_DIR
@@ -27,8 +28,9 @@ lazy_static! {
             },
             PathBuf::from,
         );
-        ipc_dir.push(&version);
+        ipc_dir.push(VERSION);
         fs::create_dir_all(&ipc_dir).unwrap();
+        set_permissions(&ipc_dir);
         ipc_dir.push(&*SESSION_NAME);
         ipc_dir
     };
diff --git a/src/common/utils/logging.rs b/src/common/utils/logging.rs
index d99a2428..ff3fb44c 100644
--- a/src/common/utils/logging.rs
+++ b/src/common/utils/logging.rs
@@ -7,14 +7,17 @@ use std::{
     path::{Path, PathBuf},
 };
 
+use crate::os_input_output::set_permissions;
 use crate::utils::consts::{ZELLIJ_TMP_LOG_DIR, ZELLIJ_TMP_LOG_FILE};
 
 pub fn atomic_create_file(file_name: &Path) {
     let _ = fs::OpenOptions::new().create(true).open(file_name);
+    #[cfg(not(test))]
+    set_permissions(file_name);
 }
 
 pub fn atomic_create_dir(dir_name: &Path) -> io::Result<()> {
-    if let Err(e) = fs::create_dir(dir_name) {
+    let result = if let Err(e) = fs::create_dir(dir_name) {
         if e.kind() == std::io::ErrorKind::AlreadyExists {
             Ok(())
         } else {
@@ -22,7 +25,11 @@ pub fn atomic_create_dir(dir_name: &Path) -> io::Result<()> {
         }
     } else {
         Ok(())
+    };
+    if result.is_ok() {
+        set_permissions(dir_name);
     }
+    result
 }
 
 pub fn debug_log_to_file(mut message: String) -> io::Result<()> {
diff --git a/src/server/mod.rs b/src/server/mod.rs
index 27539c09..6eb2455b 100644
--- a/src/server/mod.rs
+++ b/src/server/mod.rs
@@ -19,7 +19,7 @@ use crate::common::{
     errors::{ContextType, PluginContext, PtyContext, ScreenContext, ServerContext},
     input::actions::{Action, Direction},
     input::handler::get_mode_info,
-    os_input_output::ServerOsApi,
+    os_input_output::{set_permissions, ServerOsApi},
     pty_bus::{PtyBus, PtyInstruction},
     screen::{Screen, ScreenInstruction},
     setup::install::populate_data_dir,
@@ -85,8 +85,9 @@ pub fn start_server(os_input: Box<dyn ServerOsApi>) -> thread::JoinHandle<()> {
             let sessions = sessions.clone();
             let send_server_instructions = send_server_instructions.clone();
             move || {
-                drop(std::fs::remove_file(ZELLIJ_IPC_PIPE.clone()));
-                let listener = LocalSocketListener::bind(ZELLIJ_IPC_PIPE.clone()).unwrap();
+                drop(std::fs::remove_file(&*ZELLIJ_IPC_PIPE));
+                let listener = LocalSocketListener::bind(&**ZELLIJ_IPC_PIPE).unwrap();
+                set_permissions(&*ZELLIJ_IPC_PIPE);
                 for stream in listener.incoming() {
                     match stream {
                         Ok(stream) => {
@@ -134,7 +135,7 @@ pub fn start_server(os_input: Box<dyn ServerOsApi>) -> thread::JoinHandle<()> {
                     ServerInstruction::ClientExit => {
                         *sessions.write().unwrap() = None;
                         os_input.send_to_client(ClientInstruction::Exit);
-                        drop(std::fs::remove_file(ZELLIJ_IPC_PIPE.clone()));
+                        drop(std::fs::remove_file(&*ZELLIJ_IPC_PIPE));
                         break;
                     }
                     ServerInstruction::Render(output) => {