==== Strong security controls

Temporary files can be created using unsafe functions and API as long as strong
security controls are applied. Non-temporary file-handling functions and APIs
can also be used for that purpose.

In general, applications should ensure that attackers can not create a file
before them. This turns into the following requirements when creating the files:

* Files should be created in a non-public directory.
* File names should be unique.
* File names should be unpredictable. They should be generated using a
    cryptographically secure random generator.
* File creation should fail if a target file already exists.

Moreover, when possible, it is recommended that applications destroy temporary
files after they have finished using them.