Extract file and executable permissions to perm package

Follow up from !5334 (merged)

Extracting these constants should make it easier to audit permissions.

I've tried to keep permission changes to a minimum here. Only changing permissions when they were inconsistent and were in tests.