Add ownership to robocorp_home_base

If a directory belongs to a user, then he may change the permissions of
that directory. If a new directory is created, it will always belong to
the user, that created it. This change affects use cases, where a
robocorp_home_base was configured, which already exists (on Windows).

We don't want the user (which owned the robocorp_home_base before the
scheduler is started) to be able to modify permissions on newly created
`ROBOCORP_HOME` directories. However, this change cannot protect against
already existing directories, which have malicious code inside them (or
gave full access to a different user).

CMK-19971

src/bin/scheduler/setup/directories.rs

@@ -60,7 +60,7 @@ pub fn setup(
     let (surviving_plans, managed_dir_failures) = setup_managed_directories(plans);
     #[cfg(windows)]
     let (surviving_plans, robocorp_home_failures) =
-        setup_robocorp_home_directories(global_config, surviving_plans);
+        setup_robocorp_home_directories(global_config, surviving_plans, &ownership_setter);
     let (mut surviving_plans, working_dir_failures) =
         setup_working_directories(global_config, surviving_plans, &ownership_setter);
 
@@ -83,6 +83,7 @@ pub fn setup(
 fn setup_robocorp_home_directories(
     global_config: &GlobalConfig,
     plans: Vec<Plan>,
+    ownership_setter: &OwnershipSetter,
 ) -> (Vec<Plan>, Vec<SetupFailure>) {
     use super::windows_permissions::grant_full_access;
     use log::info;
@@ -98,7 +99,10 @@ fn setup_robocorp_home_directories(
     }
     let mut failures = Vec::new();
 
-    if let Err(e) = create_dir_all(&global_config.rcc_config.robocorp_home_base) {
+    if let Err(e) = create_dir_all(&global_config.rcc_config.robocorp_home_base).and_then(|()| {
+        ownership_setter
+            .transfer_ownership_non_recursive(&global_config.rcc_config.robocorp_home_base)
+    }) {
         let error = anyhow!(e);
         for plan in rcc_plans {
             error!(