Issue #415 preflight: Don't download to /tmp/

We are currently downloading various binaries to /tmp with a well-known
name, and (in the crc-driver-libvirt case), we are then making the file
we downloaded suid.
Since /tmp is world-writable, this can be abused by a local user racing
with us, and overwriting crc-driver-libvirt after it's downloaded, but
before it's made suid.
This commit downloads the temporary files to ~/.crc/cache instead, which
is safer as only the current user can write there.

This is related to #415, even if
the main goal is to avoid potential security issues.

Author: cfergeau

pkg/crc/preflight/preflight_checks_darwin.go

@@ -51,8 +51,8 @@ func checkVirtualBoxInstalled() (bool, error) {
 
 func fixVirtualBoxInstallation() (bool, error) {
 	logging.Debug("Downloading VirtualBox")
-	// Download the driver binary in /tmp
-	tempFilePath := filepath.Join(os.TempDir(), "virtualbox.dmg")
+	// Download the virtualbox installer in ~/.crc/cache
+	tempFilePath := filepath.Join(constants.MachineCacheDir, "virtualbox.dmg")
 	_, err := dl.Download(virtualBoxDownloadURL, tempFilePath)
 	if err != nil {
 		return false, err

pkg/crc/preflight/preflight_checks_linux.go

@@ -245,8 +245,8 @@ func checkMachineDriverLibvirtInstalled() (bool, error) {
 
 func fixMachineDriverLibvirtInstalled() (bool, error) {
 	logging.Debugf("Installing %s", libvirtDriverCommand)
-	// Download the driver binary in /tmp
-	tempFilePath := filepath.Join(os.TempDir(), libvirtDriverCommand)
+	// Download the driver binary in ~/.crc/cache
+	tempFilePath := filepath.Join(constants.MachineCacheDir, libvirtDriverCommand)
 	_, err := download.Download(libvirtDriverDownloadURL, tempFilePath)
 	if err != nil {
 		return false, err