Temporary files created in the operating system tmp directory are by default accessible to other users. This can in some cases lead to information exposure, or in the worst case to remote code execution.
Use a well tested library like tmp for creating temprary files. These libraries ensure both that the file is inaccesible to other users and that the file does not already exist.
The following example creates a temporary file in the operating system tmp directory.
The file created above is accessible to other users, and there is no guarantee that the file does not already exist.
The below example uses the tmp library to securely create a temporary file.