diff --git a/backupninja b/backupninja
index e5c55aea505aef9912feafa5cb91ddc95fe42465..d52f4cdf45c9c76002b408d0ed446652c3d092f9 100755
--- a/backupninja
+++ b/backupninja
@@ -305,7 +305,14 @@ function process_action() {
 	let "actions_run += 1"
 
 	# call the handler:
-	local bufferfile="/tmp/backupninja.buffer.$$"
+	[ if -x /bin/mktemp ]
+	then
+		local bufferfile=`mktemp /tmp/backupninja.buffer.XXXXXXXX`
+	else
+		DATE=`date`
+		sectmp=`echo $DATE | /usr/bin/md5sum | cut -d- -f1`
+		local bufferfile=/tmp/backupninja.buffer.$sectmp
+	fi
 	echo "" > $bufferfile
 	echo_debug_msg=1
 	(
diff --git a/changelog b/changelog
index 13b6cd1e0756ea0f990d350c0288ad2dc85a49f7..8ba0ab5979b24927adacb0ad21a59da2ca577974 100644
--- a/changelog
+++ b/changelog
@@ -1,4 +1,5 @@
 	removed erroneous magic file marker in pgsql handler
+	fixed insecure temporary file creation
 version 0.8 -- September 15 2005
 	added pgsql (PostgreSQL) handler, with vservers support.
 	added vservers support to duplicity handler