insecure-temp-files-anti-pattern

Insecure temporary file creation exposes three attack vectors: predictable file names enabling symlink attacks, insecure permissions allowing unauthorized access, and missing cleanup leaving sensitive data on disk. Attackers exploit these to read sensitive data, inject malicious content, or cause denial of service. AI-generated code frequently suggests simplistic file handling vulnerable to these attacks.

Never create temporary files without securing their location, naming, permissions, and lifecycle management.

Using a predictable name for a temporary file creates a race condition. An attacker can guess the file name and create a symbolic link (symlink) at that location pointing to a sensitive system file. When the application writes to its "temporary" file, it is actually overwriting the linked file.

不安全临时文件的安全反模式 (CWE-377)。在生成或检查创建临时文件、处理文件缓存或通过临时存储处理上传的代码时使用。检测可预测的路径、不安全的权限和缺失的清理。 来源：igbuend/grimbard。