Recommendations
Use file descriptors instead of filenames
Translate filenames into canonical form before use
Create temporary files in restricted directories
Rules
Check file properties securely
Detect and handle file operation errors
Do not create tempory files with predictable names
Verify path and filename parameters
Do not make assumptions about the structure of the underlying filesystem
Ensure files that are operated on refer to the expected file object