The DataDirect for ODBC drivers temporarily buffer data to disk when fetching data from a database and returning the data to the application. When the driver buffers data to disk, it writes the data to a file in the temp directory on the system. Care should be taken to restrict access to the files in the temp directory.

On Windows systems, the temp directory can be specified by one of the following environment variables. The driver looks for the environment variables in the following order:
  1. TMP
  2. TEMP
  3. USERPROFILE

The TMP and TEMP environment variables specify a folder in the current users AppData folder by default. The AppData folder is typically accessible only by the user. However, if the TMP or TEMP environment variables have been changed from the default, ensure that the specified folder is accessible to only the user running the application.

On Unix and Linux systems, the driver looks for the environment variables in the following order:
  1. QE_TMPDIR
  2. TMPDIR

Make sure the directory specified by the QE_TMPDIR or TMPDIR variables is restricted to the same user that the application is running under. If a value for QE_TMPDIR or TMPDIR is not specified, the /tmp directory is used.

Note that if there is more than one user or application using the machine on which the driver is deployed, it might be difficult to secure the directory specified by TMPDIR. In that scenario, restricting access to that directory could negatively impact the other users or applications on the machine. Therefore, we recommend that you use QE_TEMPDIR to specify the driver temporary directory. The QE_TEMPDIR variable is used exclusively by DataDirect ODBC drivers. Using QE_TEMPDIR allows permissions to the folder to be restricted, without impacting other users or applications.