On 7 Jul 2021, at 15:57, Warren Kumari <warren@kumari.net> wrote:

And adding hashes isn't going to help if #2 fails because the tool doesn’t have write access to disk.

You can avoid all this mess by simply never writing anything to the local disk.

Nah; if you don't trust your users to not mess with the results of the
measurement tool, writing to the disk or not is not going to change
your trust/threat model….

It’s less about security than it is about avoiding breakage. I’m not even really thinking in terms of security, I mainly don’t want the tool to fail in the middle of execution because it can’t write to disk or because an intrepid user tried to modify their results and mucked up the file.

A user could forge their own results without even using the tool and push them repeatedly. Which is another reason why a hash offers no real benefit.

—Andrew