While browsing through the tips, I saw several shell scripts that use a file in /tmp/ to store some temporary data. And each one was doing it in a insecure way. Please use mktemp to create a tempfile or directory in a secure way. See the manpage (man mktemp) for more inforrmation. There is a example section at the bottom.
For more background info on why this is important, see the article named Safely Creating Temporary Files in Shell Scripts. Note: mktemp can also create directories with the -d switch, which is better than the way the author describes.
•
[4,519 views]

