diff --git a/src/ioslaves/file/fdreceiver.h b/src/ioslaves/file/fdreceiver.h
--- a/src/ioslaves/file/fdreceiver.h
+++ b/src/ioslaves/file/fdreceiver.h
@@ -39,9 +39,10 @@
 private:
 Q_SLOT void receiveFileDescriptor();
- QSocketNotifier *m_readNotifier;
 int m_socketDes;
 int m_fileDes;
+ QString m_path;
+ QSocketNotifier *m_readNotifier;
 };
 #endif
diff --git a/src/ioslaves/file/fdreceiver.cpp b/src/ioslaves/file/fdreceiver.cpp
--- a/src/ioslaves/file/fdreceiver.cpp
+++ b/src/ioslaves/file/fdreceiver.cpp
@@ -70,9 +70,28 @@
 {
 int client = ::accept(m_socketDes, NULL, NULL);
 if (client > 0) {
- FDMessageHeader msg;
- if (::recvmsg(client, msg.message(), 0) == 2) {
- ::memcpy(&m_fileDes, CMSG_DATA(msg.cmsgHeader()), sizeof m_fileDes);
+ // Receive fd only if socket owner is root
+ bool acceptConnection = false;
+#if defined(__linux__)
+ ucred cred;
+ socklen_t len = sizeof(cred);
+ if (getsockopt(client, SOL_SOCKET, SO_PEERCRED, &cred, &len) == 0 && cred.uid == 0) {
+ acceptConnection = true;
+ }
+#elif defined(__FreeBSD__) || defined(__APPLE__)
+ uid_t uid;
+ gid_t gid;
+ if (getpeereid(m_socketDes, &uid, &gid) == 0 && uid == 0) {
+ acceptConnection = true;
+ }
+#else
+#warning Cannot get socket credentials!
+#endif
+ if (acceptConnection) {
+ FDMessageHeader msg;
+ if (::recvmsg(client, msg.message(), 0) == 2) {
+ ::memcpy(&m_fileDes, CMSG_DATA(msg.cmsgHeader()), sizeof m_fileDes);
+ }
 }
 ::close(client);
 }
diff --git a/src/ioslaves/file/file_unix.cpp b/src/ioslaves/file/file_unix.cpp
--- a/src/ioslaves/file/file_unix.cpp
+++ b/src/ioslaves/file/file_unix.cpp
@@ -30,6 +30,7 @@
 #include
 #include
 #include
+#include
 #include
 #include
@@ -40,6 +41,7 @@
 #include
 #include
+#include
 #include "fdreceiver.h"
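Review bot: `m_path` is added to the class with no comment saying what it holds or which side is responsible for the socket file behind it, and nothing in this hunk shows it being read or written. A one-line comment such as `QString m_path; // filesystem path the listening socket is bound to (presumably removed when the receiver is destroyed — confirm)` would let a reader follow the rest of the change. Moving `m_readNotifier` below `m_fileDes` also changes the order the members are constructed in, so the constructor's initializer list in fdreceiver.cpp should be reordered to match or compilers will warn under -Wreorder.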
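Review bot: The FreeBSD/macOS branch asks for peer credentials on the listening socket `m_socketDes` rather than on the accepted connection, whereas the Linux branch correctly uses `client`; getpeereid() describes the peer of a connected socket, so on those platforms the call does not describe the connecting process and `acceptConnection` stays false, meaning no descriptor is ever received there. The line should read `if (getpeereid(client, &uid, &gid) == 0 && uid == 0) {`. The `#else` branch only emits a compile-time warning and leaves `acceptConnection` false; that fail-closed behaviour is the right default but deserves a comment such as `// no peer-credential API known for this platform: refuse the descriptor`. The enclosing function's signature is outside the hunk.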
@@ -69,7 +71,8 @@
 static const QString socketPath()
 {
- return QStringLiteral("org_kde_kio_file_helper_%1").arg(getpid());
+ const QString runtimeDir = QStandardPaths::writableLocation(QStandardPaths::RuntimeLocation);
+ return QStringLiteral("%1/filehelper%2%3").arg(runtimeDir).arg(KRandom::randomString(6)).arg(getpid());
 }
 bool FileProtocol::privilegeOperationUnitTestMode()
diff --git a/src/ioslaves/file/kauth/fdsender.cpp b/src/ioslaves/file/kauth/fdsender.cpp
--- a/src/ioslaves/file/kauth/fdsender.cpp
+++ b/src/ioslaves/file/kauth/fdsender.cpp
@@ -24,13 +24,18 @@
 FdSender::FdSender(const std::string &path)
 : m_socketDes(-1)
 {
+ SocketAddress addr(path.c_str());
+ if (!addr.address()) {
+ std::cerr << "Invalid socket address" << std::endl;
+ return;
+ }
+
 m_socketDes = ::socket(AF_UNIX, SOCK_STREAM | SOCK_NONBLOCK, 0);
 if (m_socketDes == -1) {
 std::cerr << "socket error:" << strerror(errno) << std::endl;
 return;
 }
- SocketAddress addr(path);
 if (::connect(m_socketDes, addr.address(), addr.length()) != 0) {
 std::cerr << "connection error:" << strerror(errno) << std::endl;
 ::close(m_socketDes);
diff --git a/src/ioslaves/file/sharefd_p.h b/src/ioslaves/file/sharefd_p.h
--- a/src/ioslaves/file/sharefd_p.h
+++ b/src/ioslaves/file/sharefd_p.h
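Review bot: `QStandardPaths::writableLocation(QStandardPaths::RuntimeLocation)` can return an empty string when no runtime directory can be determined, and the new `socketPath()` then yields `/filehelper<random><pid>` directly under the filesystem root instead of inside a user-private directory. The function should refuse that case rather than build a path from it, e.g. `if (runtimeDir.isEmpty()) { return QString(); }` with the caller (outside this hunk) treating an empty result as "no socket"; falling back to a shared temporary directory would undo the point of this change. The whole path also has to fit in `sockaddr_un::sun_path`, which the sharefd_p.h hunk enforces by silently producing an unusable address, so a comment here noting that constraint, such as `// must fit in sun_path together with its terminating NUL`, would save the next reader a debugging session.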
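Review bot: The new early return prints `Invalid socket address` without the reason or the offending value, although `SocketAddress::address()` returns nullptr both for an empty path and for one that does not fit in `sun_path`; the diagnostic should say which, e.g. `std::cerr << "Invalid socket address (empty or longer than sun_path): " << path << std::endl;`. `path.c_str()` builds the QByteArray from a C string and so stops at any embedded NUL, which is harmless for a socket path but worth a short comment if the conversion is kept. The constructor continues past the hunk; on the connect failure path `m_socketDes` is closed, so confirm it is also reset to -1 afterwards or the destructor may close a stale descriptor.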
@@ -22,43 +22,46 @@
 #include
 #include
 #include
+#include
+#include
+#include
 // fix SOCK_NONBLOCK for e.g. macOS
 #ifndef SOCK_NONBLOCK
 #include
 #define SOCK_NONBLOCK O_NONBLOCK
 #endif
+#include
+
 class SocketAddress
 {
 const sockaddr_un addr;
 public:
- SocketAddress(const std::string &path)
+ SocketAddress(const QByteArray &path)
 : addr(make_address(path))
 {
 }
 int length() const
 {
- return sizeof addr;
+ return offsetof(struct sockaddr_un, sun_path) + strlen(addr.sun_path) + 1;
 }
 const sockaddr *address() const
 {
- return reinterpret_cast(&addr);
+ return addr.sun_path[0] ? reinterpret_cast(&addr) : nullptr;
 }
 private:
- static sockaddr_un make_address(const std::string& path)
+ static sockaddr_un make_address(const QByteArray& path)
 {
- sockaddr_un a{ AF_UNIX, {0}};
- std::string finalPath = "/tmp/" + path;
-#ifdef __linux__
- ::strcpy(&a.sun_path[1], finalPath.c_str());
-#else
- ::strcpy(a.sun_path, finalPath.c_str());
- ::unlink(finalPath.c_str());
-#endif
+ sockaddr_un a;
+ memset(&a, 0, sizeof(a));
+ a.sun_family = AF_UNIX;
+ if (path.size() > 0 && path.size() < sizeof(a.sun_path)-1) {
+ ::strncpy(a.sun_path, path.constData(), sizeof(a.sun_path)-1);
+ }
 return a;
 }
 };
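Review bot: Rejection of an empty or over-long path in `make_address` is signalled only by leaving `sun_path` all zero, which `address()` turns into nullptr, yet nothing in the class states that contract and `length()` still returns a plausible value for such an object. Add a comment on `address()`, `// nullptr when the path given to the constructor was empty or did not fit in sun_path; over-long paths are rejected, never truncated`, and one above the size check in `make_address` saying the path must fit together with its terminating NUL. `length()` computes a `size_t` from `offsetof` and `strlen` and narrows it to `int`; returning `socklen_t`, the type connect() and bind() take, would avoid the implicit conversion. Since the guard already bounds `path.size()`, `::memcpy(a.sun_path, path.constData(), path.size());` states the intent more directly than a `strncpy` with an unrelated bound.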