Critiq Docs

security.filesystem

Avoid insecure temporary file name helpers

Python code should not create temporary files with the `mktemp` or `tempnam` helpers, which produce race-prone filenames.

#Metadata

- Rule ID: `py.security.insecure-temp-file`
- Severity: medium
- Confidence: 0.92
- Languages: python
- Presets: security, strict
- Stability: stable
- Applies to: block
- Tags: filesystem, python, rules-catalog, security, tempfile

#Why it matters

A predictable temporary filename can enable symlink races and unauthorized file access in the window before the file is created.

#Remediation

Use `tempfile.NamedTemporaryFile` or `tempfile.mkstemp` to create secure files atomically.
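
The flagged pattern next to the remediation, as an added example (not taken from the Critiq rule or its tests). The function names and the sample data are hypothetical, and the symlink check assumes a POSIX filesystem.

```python
import os
import stat
import tempfile


def write_insecure(data: bytes, directory: str) -> str:
    """Pattern the rule flags: the name is chosen first, the file is created later."""
    path = tempfile.mktemp(dir=directory)  # returns a name only; nothing exists yet
    with open(path, "wb") as fh:  # would follow a symlink placed at `path` in the gap
        fh.write(data)
    return path


def write_secure(data: bytes, directory: str) -> str:
    """Remediation: mkstemp creates and opens the file in a single step."""
    fd, path = tempfile.mkstemp(dir=directory)  # O_CREAT | O_EXCL, mode 0600
    try:
        with os.fdopen(fd, "wb") as fh:  # keep using the descriptor mkstemp returned
            fh.write(data)
    except BaseException:
        os.unlink(path)  # do not leave a partial file behind
        raise
    return path


def exclusive_create_refuses_symlink(directory: str) -> bool:
    """O_EXCL fails on any pre-existing name, including a dangling symlink."""
    target = os.path.join(directory, "victim")   # constructed path, never created
    link = os.path.join(directory, "planted")    # constructed pre-existing name
    os.symlink(target, link)
    try:
        fd = os.open(link, os.O_CREAT | os.O_EXCL | os.O_WRONLY, 0o600)
    except FileExistsError:
        return not os.path.exists(target)  # the link target was never touched
    os.close(fd)
    return False


def demo() -> dict:
    """Run the secure path in a scratch directory and report what was created."""
    with tempfile.TemporaryDirectory() as d:
        path = write_secure(b"report", d)
        mode = stat.S_IMODE(os.stat(path).st_mode)
        with open(path, "rb") as fh:
            content = fh.read()
        return {"mode": mode, "content": content,
                "excl_refused": exclusive_create_refuses_symlink(d)}
```

`tempfile.NamedTemporaryFile` gives the same creation guarantee and also removes the file on close by default.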

#Repository path

The generated metadata points to `critiq-rules/libs/rules/catalog/rules/python/py.security.insecure-temp-file.rule.yaml`.