Merge remote-tracking branch 'upstream/main' into becca/autoupdate-pk…

…g-remove
kolide · Apr 10, 2024 · 8e23d77 · 8e23d77
2 parents 9a695ca + c34b58a
commit 8e23d77
Showing 1 changed file with 7 additions and 3 deletions.
diff --git a/ee/tuf/library_manager.go b/ee/tuf/library_manager.go
@@ -153,13 +153,17 @@ func (ulm *updateLibraryManager) stageAndVerifyUpdate(binary autoupdatableBinary
 		return stagedUpdatePath, fmt.Errorf("verification failed for target %s staged at %s: %w", targetFilename, stagedUpdatePath, err)
 	}
 
-	// Everything looks good: create the file and write it to disk
-	out, err := os.Create(stagedUpdatePath)
+	// Everything looks good: create the file and write it to disk.
+	// We create the file with 0655 permissions to prevent any other user from writing to this file
+	// before we can copy to it.
+	out, err := os.OpenFile(stagedUpdatePath, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0655)
 	if err != nil {
 		return "", fmt.Errorf("could not create file at %s: %w", stagedUpdatePath, err)
 	}
 	if _, err := io.Copy(out, &fileBuffer); err != nil {
-		out.Close()
+		if err := out.Close(); err != nil {
+			return stagedUpdatePath, fmt.Errorf("could not write downloaded target %s to file %s and could not close file: %w", targetFilename, stagedUpdatePath, err)
+		}
 		return stagedUpdatePath, fmt.Errorf("could not write downloaded target %s to file %s: %w", targetFilename, stagedUpdatePath, err)
 	}
 	if err := out.Close(); err != nil {