The mktemp utility takes each of the given file name templates and overwrites a portion of it to create a file name. This file name is unique and suitable for use by the application. The template may be any file name with some number of X s appended to it, for example /tmp/temp.XXXX. The trailing X s are replaced with the current process number and/or a unique letter combination. The number of unique file names mktemp can return depends on the number of X s provided; six X s will result in mktemp testing roughly 26 ** 6 combinations.
If mktemp can successfully generate a unique file name, the file is created with mode 0600 (unless the -u flag is given) and the filename is printed to standard output.
If the -t prefix option is given, mktemp will generate a template string based on the prefix and the TMPDIR environment variable if set. The default location if TMPDIR is not set is /tmp. Care should be taken to ensure that it is appropriate to use an environment variable potentially supplied by the user.
Any number of temporary files may be created in a single invocation, including one based on the internal template resulting from the -t flag.
The mktemp utility is provided to allow shell scripts to safely use temporary files. Traditionally, many shell scripts take the name of the program with the pid as a suffix and use that as a temporary file name. This kind of naming scheme is predictable and the race condition it creates is easy for an attacker to win. A safer, though still inferior, approach is to make a temporary directory using the same naming scheme. While this does allow one to guarantee that a temporary file will not be subverted, it still allows a simple denial of service attack. For these reasons it is suggested that mktemp be used instead.
The available options are as follows: