basically /tmp and /var/tmp have the sticky bit set -- making it a nice target to put files there and create a bot or whatever thing that might be harmful. (same reason why you should basically should try to avoind compilers etc om production systems as well). Anyways, this link is a nice one that descrbes the problem if you allow executions http://www.techrepublic.com/blog/linux-and-open-source/secure-temporary-files-in-linux/ it also clearly displays the reason why you never ever should follow the default partitionng schema as you cannot apply such options if it's not separate. (I should probably mention this in a separate report)