Repo Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Back to homepage


What/why is mktemp?

Mktemp is a simple utility designed to make temporary file handling in shells scripts be safe and simple. Traditionally, people writing shell scripts have used constructs like:


which are trivial to attack. If such a script is run as root it may be possible for an attacker on the local host to gain access to the root login, corrupt or unlink system files, or do a variety of other nasty things.

The basic problem is that most shells have no equivalent to open(2)’s O_EXCL flag. While it is possible to avoid this using temporary directories, I consider the use of mktemp(1) to be superior both in terms of simplicity and robustness. See the man page for more information.

I originally wrote mktemp(1) for the OpenBSD operating system and this version tracks any changes made to the mktemp(1) included with OpenBSD. Subsequently, many of the major Linux distributions started to include it in their distributions. I strongly encourage other OS vendors to either include mktemp(1) or something like it with their base OS.

Where to get it

The latest version of mktemp may always be gotten via anonymous ftp from in the directory /pub/mktemp/. You can also find it on the web at

Mktemp is distributed under an ISC-style license. Refer to for details.

Web page

There is a mktemp web page at that contains on-line documentation and other information.

Mailing lists

The mktemp-announce mailing list receives new release announcements and information about mktemp-related security issues.

To subscribe, please visit the following web page:

Bug reports

If you have found what you believe to be a bug, you can file a bug report in the mktemp bug database, at