Writing to a Temporary File
Problem
You want to write data to a secure temporary file with a unique name.
Solution
Create a Tempfile object. It has all the methods of a File object, and it will be in a location on disk guaranteed to be unique.
require 'tempfile' out = Tempfile.new("tempfile") out.path # => "/tmp/tempfile23786.0"
A Tempfile object is opened for read-write access (mode w+), so you can write to it and then read from it without having to close and reopen it:
out << "Some text." out.rewind out.read # => "Some text." out.close
Note that you can't pass a code block into the Tempfile constructor: you have to assign the temp file to an object, and call Tempfile#close when you're done.
Discussion
To avoid security problems, use the Tempfile class to generate temp file names, instead of writing the code yourself. The Tempfile class creates a file on disk guaranteed not to be in use by any other thread or process, and sets that file's permissions so that only you can read or write to it. This eliminates any possibility that a hostile process might inject fake data into the temp file, or read what you write.[3]
[3] Unless the hostile process is running as you or as the root user, but then you've got bigger problems.
The name of a temporary file incorporates the string you pass into the Tempfile constructor, the process ID of the current process ($$, or $PID if you've done an include English), and a unique number. By default, temporary files are created in Dir:: tmpdir (usually /tmp), but you can pass in a different directory name:
out = Tempfile.new("myhome_tempfile", "/home/leonardr/temp/")
No matter where you create your temporary files, when your process exits, all of its temporary files are automatically destroyed. If you want the data you wrote to temporary files to live longer than your process, you should copy or move the temporary files to "real" files:
require 'fileutils' FileUtils.mv(out.path, "/home/leonardr/old_tempfile")
The tempfile assumes that the operating system can atomically open a file and get an exclusive lock on it. This doesn't work on all filesystems. Ara Howard's lockfile library (available as a gem of the same name) uses linking, which is atomic everywhere.