lib/osutil: Don't chmod in atomic file creation (fixes #2472)

Instead, trust (and test) that the temp file has appropriate permissions from the start. The only place where this changes our behavior is for ignores which go from 0644 to 0600. I'm OK with that. GitHub-Pull-Request: https://github.com/syncthing/syncthing/pull/3756
2016-11-23 14:06:08 +00:00
parent 26730eb083
commit 8559e20237
6 changed files with 57 additions and 17 deletions
--- a/lib/osutil/atomic.go
+++ b/lib/osutil/atomic.go
@@ -29,23 +29,19 @@ type AtomicWriter struct {
 	err  error
 }

-// CreateAtomic is like os.Create with a FileMode, except a temporary file
-// name is used instead of the given name.
-func CreateAtomic(path string, mode os.FileMode) (*AtomicWriter, error) {
+// CreateAtomic is like os.Create, except a temporary file name is used
+// instead of the given name. The file is created with secure (0600)
+// permissions.
+func CreateAtomic(path string) (*AtomicWriter, error) {
+	// The security of this depends on the tempfile having secure
+	// permissions, 0600, from the beginning. This is what ioutil.TempFile
+	// does. We have a test that verifies that that is the case, should this
+	// ever change in the standard library in the future.
 	fd, err := ioutil.TempFile(filepath.Dir(path), TempPrefix)
 	if err != nil {
 		return nil, err
 	}

-	// chmod fails on Android so don't even try
-	if runtime.GOOS != "android" {
-		if err := os.Chmod(fd.Name(), mode); err != nil {
-			fd.Close()
-			os.Remove(fd.Name())
-			return nil, err
-		}
-	}
-
 	w := &AtomicWriter{
 		path: path,
 		next: fd,