# HG changeset patch
# User Paul Fisher <paul@pfish.zone>
# Date 1445784332 14400
# Node ID e58bfc7fc20749b290494e1b5dee376abdd1ee82
# Parent  4db389f948c9f93616049b218dff4172104e5f3d
Make multipass files default all-readable.

diff -r 4db389f948c9 -r e58bfc7fc207 file/file.go
--- a/file/file.go	Sun Oct 25 00:03:06 2015 -0400
+++ b/file/file.go	Sun Oct 25 10:45:32 2015 -0400
@@ -143,9 +143,10 @@
 	h := new(writeHandle)
 	h.tempName = tempName
 	h.fileName = fileName
-	// Open the output file, readable only by the current user.
+	// Open the output file, readable by everybody, but only if it doesn't exist.
+	// This prevents race conditions.
 	oldUmask := unix.Umask(077)
-	tempFile, err := os.Create(tempName)
+	tempFile, err := os.OpenFile(tempName, os.O_CREATE | os.O_EXCL | os.O_WRONLY | os.O_SYNC, 0600)
 	unix.Umask(oldUmask)
 	if err != nil {
 		return nil, err
@@ -178,8 +179,13 @@
 			h.bail()
 			return nil, err
 		}
+	} else {
+		// TODO(pfish): Restrict ACL to only multipass authenticators.
+		if err := h.tempFile.Chmod(0644); err != nil {
+			h.bail()
+			return nil, err
+		}
 	}
-	// TODO(pfish): If there is no input file, set the right permissions + group on the output file.
 	h.writer = bufio.NewWriter(h.tempFile)
 	if _, err := h.writer.WriteString(Banner + "\n"); err != nil {
 		return nil, err