|
The use of mkstemp for creating names for temporary files leaves the file in the disk. Why not use tmpfile(), that removes the file when it's closed? This way it's possible to use the name to create a directory, for instance.
Please, no. You have to rely on library guarantees for a secure implementation. Some Unices, especially older variants, do not make such guarantees.
See http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/avoid-race.html
- Christian