Comment 4 for bug 375371

Jamie Strandboge (jdstrand) wrote :

Bug #578922 discusses security implications of having MySQL use /tmp as its temporary directory, and I have redirected that part of the discussion of that bug here. Basically, if MySQL can write to a world-readable directory, then an SQL injection in a web application could write out a file to later be included in that web application for arbitrary code execution. If you are going to move the temporary directory, would it be possible to either make that directory 700 or 750 and, if not, set the mysql umask to 077 or 027?
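
A check for the two mitigations requested in the comment above, added here as an example; it is not part of the original comment or of the MySQL packaging. It assumes GNU coreutils `stat`, and the function names are hypothetical.

```shell
#!/bin/sh
# Audit a candidate temporary directory and show what the suggested umasks
# do to newly created files. Assumption: GNU coreutils `stat -c`.

# Print the octal permission bits of a path (e.g. 750).
perm_of() {
    stat -c '%a' "$1"
}

# Succeed only if the directory's mode fits within 750: no group write and
# nothing at all for "other". 700 and 750 pass; 755 and 1777 fail.
dir_mode_ok() {
    [ -d "$1" ] || return 2
    mode=$(perm_of "$1")
    # 027 = group write + other read/write/execute; any of these is too open.
    [ $(( 0$mode & 027 )) -eq 0 ]
}

# Create a file under the given umask and print the mode it ends up with.
# Runs in a subshell so the caller's umask is left untouched.
file_mode_under_umask() {
    (
        umask "$1"
        d=$(mktemp -d) || exit 1
        : > "$d/probe"      # shell redirection requests mode 0666
        perm_of "$d/probe"
        rm -rf "$d"
    )
}

# Optional command-line use: pass the directory to audit as the first argument.
if [ "$#" -gt 0 ]; then
    if dir_mode_ok "$1"; then
        echo "$1: permissions fit within 750"
    else
        echo "$1: missing, or readable/writable beyond 750"
    fi
    echo "file created with umask 077 -> $(file_mode_under_umask 077)"
    echo "file created with umask 027 -> $(file_mode_under_umask 027)"
fi
```

With umask 077 a new file is readable only by its owner; with 027 the owning group can also read it, which matters if the web application's user shares a group with the mysql user.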