Rust

Rust

Made by DeepSource

Hardcoded temporary file or directory detected RS-S1003

Security
Major
a01 cwe-377 owasp top 10

This issue is raised when a hardcoded temporary file or directory is detected. Creating and using insecure temporary files can leave the application vulnerable to attacks. Lack of uniqueness in temporary files allows attackers to predict the filename and inject dangerous data into the application through the temporary file.

Consider using a crate such as tempfile to generate temporary files or directories securely. Apart from uniqueness, tempfile always cleans up the temporary resources used as it relies on the OS to remove the file when the last handle is closed.

Bad practice

let dir = std::fs::create_dir_all("/tmp/my_app_temp_dir")?;

Recommended

use tempfile::tempdir;

let dir = tempdir()?;

References