1. Added mode parameter to the safe FITS and HDF5 writing functions
2. Removed the execution bit from the default mode for those files (775 -> 664), since I am quite sure it is unnecessary
3. Essentially added chgrp desi for the final files (via shutil.chown)

I have checked that the write_LSS_scratchcp function works with my user at NERSC (with mode=0o660).

Caveat: the chgrp desi piece seems quite failsafe for DESI users at NERSC, but it may throw an exception in other environments. Not sure if anyone uses the LSS code outside of NERSC; if yes, I could add a try/except construction.

Further considerations:

1. After ensuring that the group is desi, it should be safe to restrict the default permissions to 660 for extra protection from unauthorized reading (even though some higher-level directories already wouldn't let non-desi users through).
2. These changes could be mirrored in mkCat_amtl.py as long as there are no special needs there.