Respect umask for created file and directories

BuildStream currently creates various files and directories with restrictive permissions (0600 or 0700), essentially ignoring the process's file mode creation mask (umask). This doesn't cause any issues as long as other users don't need access.

However, to protect buildbox-casd's local cache from corruption via hardlinks on systems without FUSE, it's necessary to run buildbox-casd as a separate user. buildbox-casd needs access to BuildStream-created files and directories for various operations such as CaptureTree. And in the test suite BuildStream creates the cas directory, which buildbox-casd needs to be able to write to.

While this branch may make the permissions less restrictive, it still always respects the umask and thus, the user is still in control. I.e., users that don't need to run buildbox-casd as a separate UID can still use BuildStream even with a very restrictive 077 umask.