How do I create a temporary file in a secure manner?

Good question. To be filled in later. (Interim hints: tempfile is not portable. mktemp exists more widely, but it may require a -c switch to create the file in advance; or it may create the file by default and barf if -c is supplied. Some systems don't have either command (Solaris, POSIX). There does not appear to be any single command that simply works everywhere.)

The traditional answer has usually been something like this: 

   # Do not use!  Race condition!
   TEMPFILE=/tmp/myname.$$
   trap 'rm -f $TEMPFILE; exit 1' 1 2 3 15
   rm -f $TEMPFILE
   touch $TEMPFILE

The problem with this is: if the file already exists (for example, as a symlink to /etc/passwd), then the script may write things in places they should not be written. Even if you remove the file immediately before using it, you still have a RaceCondition: someone could re-create a malicious symlink in the interval between your shell commands.

In some systems (like Linux): 

# Sets $TMPDIR to "/tmp" only if it didn't have a value previously
TMPDIR=${TMPDIR:-/tmp}
# We can find about $TMPDIR in http://www.opengroup.org/onlinepubs/009695399/basedefs/xbd_chap08.html

# Creates a particular temporary directory inside $TMPDIR
TEMPORARY_DIR=$(mktemp -d "$TMPDIR/XXXXXXXXXXXXXXXXXXXXXXXXXXXXX") || { echo "ERROR creating a temporary file"; exit 1; }

# When the program exits, it tries to remove the temporary folder
trap 'rm -rf "$TEMPORARY_DIR"' 0
# Note: this code is executed even if the process receives a signal 1,2,3 or 15 (not if it receives a 9 signal, of course)

And then you can create your particular files inside the temporary folder. If you want to make life more difficult to an adversary and you are using Bash, you can use random numbers in the names of your temporary files to prevent strange cases like when you are using a shared system, your program is paused for a long time, its process ID is known, it uses a temporary file, root runs Tmpwatch (or similar) to delete temporary files that are not used for a long time and an adversary creates a replica of your temporary folder (if you use random names the adversary will be able to know the name of your temporary folder but not the name of your files inside it). For example: 

# Prepares the name of the future temporary file
TEMPORARY_FILE="$TEMPORARY_DIR/strings-$RANDOM-$RANDOM-$RANDOM"
# Then you can use the temporary file, like in
grep string file > "$TEMPORARY_FILE"

A different suggestion (remove if not universal): A temporary directory can be created that is unlikely to match an existing directory using the RANDOM variable as follows: 

   TEMP_DIR=/tmp/$RANDOM
   mkdir $TEMP_DIR

This will make a directory of the form: /tmp/20445/. To decrease the chance of collision with an existing directory, the RANDOM variable can be used a number of times: 

   TEMP_DIR=/tmp/$RANDOM-$RANDOM-$RANDOM
   mkdir $TEMP_DIR

This will make a directory of the form: /tmp/24953-2875-2182/ . This avoids a race condition because the mkdir is atomic, as we see in FAQ #45.

Another not-quite-serious suggestion is to include C code in the script that implements a mktemp(1) command based on the mktemp(3) library function, compile it, and use that in the script. But this has a couple problems: