# File lib/cgikit/session_store.rb, line 70
  def tmpfile( session_id )
    File.join(@tmpdir, session_id).untaint
  end