 
 
 
 
 
 
   
Processes typically create temporary files by generating a random filename via mktemp(3) and then opening that file in the /tmp directory. A more secure way for doing so is through mkstemp(3), which generates the filename and opens the file in one atomic operation, thus eliminating the potential for races. Both functions, which reside in libc, make use of arc4random(3) to generate the random filenames, making it much harder for an attacker to guess the names in advance.
 
 
 
 
