The
utility takes each of the given file name templates and overwrites a
portion of it to create a file name.
This file name is unique
and suitable for use by the application.
The template may be
any file name with some number of
`X'
Ns s
appended
to it, for example
/tmp/temp.XXXX
The trailing
`X'
Ns s
are replaced with the current process number and/or a
unique letter combination.
The number of unique file names
can return depends on the number of
`X'
Ns s
provided; six
`X'
Ns s
will
result in
selecting 1 of 56800235584 (62 ** 6) possible file names.
If
can successfully generate a unique file name, the file
is created with mode 0600 (unless the
-u
flag is given) and the filename is printed
to standard output.
If the
-t prefix
option is given,
will generate a template string based on the
prefix
and the
TMPDIR
environment variable if set.
The default location if
TMPDIR
is not set is
/tmp
Care should
be taken to ensure that it is appropriate to use an environment variable
potentially supplied by the user.
Any number of temporary files may be created in a single invocation,
including one based on the internal template resulting from the
-t
flag.
The
utility is provided to allow shell scripts to safely use temporary files.
Traditionally, many shell scripts take the name of the program with
the pid as a suffix and use that as a temporary file name.
This
kind of naming scheme is predictable and the race condition it creates
is easy for an attacker to win.
A safer, though still inferior, approach
is to make a temporary directory using the same naming scheme.
While
this does allow one to guarantee that a temporary file will not be
subverted, it still allows a simple denial of service attack.
For these
reasons it is suggested that
be used instead.
OPTIONS
The available options are as follows:
-d
Make a directory instead of a file.
-q
Fail silently if an error occurs.
This is useful if
a script does not want error output to go to standard error.
-t prefix
Generate a template (using the supplied
prefix
and
TMPDIR
if set) to create a filename template.
-u
Operate in
``unsafe''
mode.
The temp file will be unlinked before
exits.
This is slightly better than
mktemp(3)
but still introduces a race condition.
Use of this
option is not encouraged.
EXIT STATUS
The
utility
exits 0 on success, and 1 if an error occurs.
EXAMPLES
The following
sh(1)
fragment illustrates a simple use of
where the script should quit if it cannot get a safe
temporary file.
A
utility appeared in
Ox 2.1 .
This implementation was written independently based on the
Ox man page, and
first appeared in
Fx 2.2.7 .
This man page is taken from
Ox .
