== Why is this an issue?

include::../description.adoc[]

=== Noncompliant code example

[source,python]
----
import tempfile

filename = tempfile.mktemp() # Noncompliant
tmp_file = open(filename, "w+")
----

=== Compliant solution

[source,python]
----
import tempfile

tmp_file1 = tempfile.NamedTemporaryFile(delete=False) # Compliant; Easy replacement to tempfile.mktemp()
tmp_file2 = tempfile.NamedTemporaryFile() # Compliant; Created file will be automatically deleted
----

== Resources

* https://owasp.org/Top10/A01_2021-Broken_Access_Control/[OWASP Top 10 2021 Category A1] - Broken Access Control
* https://owasp.org/www-project-top-ten/2017/A9_2017-Using_Components_with_Known_Vulnerabilities[OWASP Top 10 2017 Category A9] - Using Components with Known Vulnerabilities
* https://cwe.mitre.org/data/definitions/377[MITRE, CWE-377] - Insecure Temporary File
* https://cwe.mitre.org/data/definitions/379[MITRE, CWE-379] - Creation of Temporary File in Directory with Incorrect Permissions
* https://owasp.org/www-community/vulnerabilities/Insecure_Temporary_File[OWASP, Insecure Temporary File]
* https://docs.python.org/3/library/tempfile.html#deprecated-functions-and-variables[Python tempfile module]
* https://docs.python.org/2.7/library/os.html[Python 2.7 os module]

ifdef::env-github,rspecator-view[]

'''
== Implementation Specification
(visible only on this page)

include::message.adoc[]

'''
== Comments And Links
(visible only on this page)

include::../comments-and-links.adoc[]
endif::env-github,rspecator-view[]