How to: create a temporary file securely

Q. How do I create a temporary file securely under UNIX Bash shell?

A. There are many ways:
[a] mktemp command – make temporary unique filename

[b] $RANDOM – Use $RANDOM variable

mktemp command

From the man page:

The mktemp utility takes the given filename template and overwrites a portion of it to create a unique filename. The template may be any filename with some number of ‘Xs’ appended to it, for example /tmp/tfile.XXXXXXXXXX.

For example, create a temporary file:
$ mktemp /tmp/output.XXXXXXXXXX
Output:

/tmp/output.qBYDtF7199

Send ls command output to /tmp/output.qBYDtF7199:
$ ls > /tmp/output.qBYDtF7199
However, you may need to store temporary file name /tmp/output.qBYDtF7199 to a shell variable:
TMPFILE=$(mktemp /tmp/output.XXXXXXXXXX)
ls > $TMPFILE

Create a temporary directory

The -d option makes a directory instead of a file.
TMPDIR=$(mktemp -d /tmp/output.XXXXXXXXXX)
cd $TMPDIR
# do something

Another example:

TMPFILE=‘mktemp -t /tmp/out.myapp.XXXXXXXXXX‘ && {
    # Safe to use $TMPFILE in this block
    echo data > $TMPFILE
    ...
   # do something
   # clean up
    rm -f $TMPFILE
}

Using $RANDOM variable

Bash also provide $RANDOM variable with random value, you can use the same to create a file or directory:

TEMFILE=/tmp/$RANDOM
> $TEMFILE
# create directory
TEMDIR=/tmp/$RANDOM.$RANDOM
mkdir $TEMDIR
# do something...

🐧 Get the latest tutorials on Linux, Open Source & DevOps via RSS feed or Weekly email newsletter.

🐧 2 comments so far... add one


CategoryList of Unix and Linux commands
Disk space analyzersdf duf ncdu pydf
File Managementcat cp mkdir tree
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Modern utilitiesbat exa
Network UtilitiesNetHogs dig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg glances gtop jobs killall kill pidof pstree pwdx time vtop
Searchingag grep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNAlpine CentOS 8 Debian 10 Firewall Ubuntu 20.04
2 comments… add one
  • matej Nov 30, 2007 @ 13:27

    do not ever use $RANDOM for creating files or directories…! mktemp can create also a directory if you use -d option. the “mkdir somethin” (where something can be $RANDOM or whatever else) suffers from race conditions. what would you do if directory was already there and not owned by you? with mktemp -d you have no problems.

  • 🐧 nixCraft Nov 30, 2007 @ 14:41

    matej,

    Actually, I talked about -d option, but forgot to type -d.

    I appreciate your post.

Leave a Reply

Your email address will not be published.

Use HTML <pre>...</pre> for code samples. Still have questions? Post it on our forum