How to: create a temporary file securely

Q. How do I create a temporary file securely under UNIX Bash shell?

A. There are many ways:
[a] mktemp command - make temporary unique filename

[b] $RANDOM - Use $RANDOM variable

mktemp command

From the man page:

The mktemp utility takes the given filename template and overwrites a portion of it to create a unique filename. The template may be any filename with some number of ‘Xs’ appended to it, for example /tmp/tfile.XXXXXXXXXX.

For example, create a temporary file:
$ mktemp /tmp/output.XXXXXXXXXX
Output:

/tmp/output.qBYDtF7199

Send ls command output to /tmp/output.qBYDtF7199:
$ ls > /tmp/output.qBYDtF7199
However, you may need to store temporary file name /tmp/output.qBYDtF7199 to a shell variable:
TMPFILE=$(mktemp /tmp/output.XXXXXXXXXX) ls > $TMPFILE

Create a temporary directory

The -d option makes a directory instead of a file.
TMPDIR=$(mktemp -d /tmp/output.XXXXXXXXXX) cd $TMPDIR # do something

Another example:

TMPFILE=‘mktemp -t /tmp/out.myapp.XXXXXXXXXX‘ && {
    # Safe to use $TMPFILE in this block
    echo data > $TMPFILE
    ...
   # do something
   # clean up
    rm -f $TMPFILE
}

Using $RANDOM variable

Bash also provide $RANDOM variable with random value, you can use the same to create a file or directory:

TEMFILE=/tmp/$RANDOM
> $TEMFILE
# create directory
TEMDIR=/tmp/$RANDOM.$RANDOM
mkdir $TEMDIR
# do something...

Featured Articles:

Share this with other sys admins!
Facebook it - Tweet it - Print it -

{ 2 comments… read them below or add one }

1 matej November 30, 2007: do not ever use $RANDOM for creating files or directories…! mktemp can create also a directory if you use -d option. the “mkdir somethin” (where something can be $RANDOM or whatever else) suffers from race conditions. what would you do if directory was already there and not owned by you? with mktemp -d you have no problems.
2 vivek November 30, 2007: matej,
Actually, I talked about -d option, but forgot to type -d.
I appreciate your post.