Use file handles instead of string-based file names wherever possible
translate filenames into canonical form before use
Open files with the fewest privileges necessary
Check access rights before operating on a file
Detect and handle file operation errors
Do not create tempory files with predictable names
Verify path and filename parameters
Do not make assumptions about the structure of the underlying filesystem
Ensure files that are operated on refer to the expected file object