DEV Community


Posted on

【Bash】Creating a secure and versatile temp directory


  • The code for making tmp directory, which is usually used in shell, has the following points to be improved.
    • Because of the direct specification such as mkdir /tmp/path, the names will be duplicated in some cases.
    • Because of the direct designation, it is not secure in terms of security.
    • The names need to be unique and also add relevance so that they are easy to use and generic within the process.


  • First, we describe the following contents in the shell file we have prepared as a result.

basepath=$(basename $0)
timestamp=$(date +%Y%m%d%H%M%S)
tmpd=$(mktemp -dt "$basepath.$timestamp.$$")/
echo $tmpd

# Outputs
  • After describing it, run it multiple times to check for creation and non-overlapping of names in the output path, and you're done.

Using the mktemp command

  • You can use the mktemp command to create a directory, it creates files and directories of size 0 automatically.
    • For more information on how to use mktemp, please refer to Reference

Use of Template Options

  • When creating with mktemp, use the t(template) option, which is specific to this command.
  • By doing so, the directory will be created in the path set in the $TMPDIR automatically without specifying the directory name.
    • ※To find the configured tmp directory, use echo $TMPDIR.
    • ※If it is not set, it is specified directly by -p or stored in /tmp.

Add related items to the name

  • Add anything relevant to the name to make it easier to use when processing it in the program.
  • At a minimum, we have added the following.
    • Execution path name
    • Timestamp (time)


Top comments (0)