insecure-temp-files-anti-pattern

Insecure temporary file creation exposes three attack vectors: predictable file names enabling symlink attacks, insecure permissions allowing unauthorized access, and missing cleanup leaving sensitive data on disk. Attackers exploit these to read sensitive data, inject malicious content, or cause denial of service. AI-generated code frequently suggests simplistic file handling vulnerable to these attacks.

Never create temporary files without securing their location, naming, permissions, and lifecycle management.

Using a predictable name for a temporary file creates a race condition. An attacker can guess the file name and create a symbolic link (symlink) at that location pointing to a sensitive system file. When the application writes to its "temporary" file, it is actually overwriting the linked file.

不安全臨時檔案的安全反模式 (CWE-377)。在產生或檢查建立暫存檔案、處理檔案快取或透過暫存處理上傳的程式碼時使用。偵測可預測的路徑、不安全的權限和缺少的清理。 來源：igbuend/grimbard。