Yes the script does run as root. These are the kind of situations Im woried about. Thank you for these pointers. Then should I rewrite the code as follows? :

if (-e $tmp_dir) {
    if (-l $tmp_dir) { 
       die "Temporary folder $tmp_dir is a symbolic link!\n"
    }else{
       system ("rm","-rf",$tmp_dir);
       mkdir ($tmp_dir) or 
          die "Unable to make temp folder: $tmpdir: $!\n";
    } 
}else{
    mkdir ($tmp_dir) or 
        die "Unable to make temporary folder $tmp_dir: $!\n";
}
[download]

Thanks!
zzspectrez

Let me direct you to (and I'm by far not trying to pat myself on the back here, but I searched long and hard to come up with what I have, so consider it a smorgesboard (sp?) of my experiences with these same questions) cksec, in particular check out the verifyfile() sub (must carefully read all of the sub) which makes sure a file is what it should be. Also, check out the updatedb() sub, which actually writes to a file and so ensures that it is what it should be.

I wish I could remember where I found this info, in order to give credit to the author, unfortunately I cannot...wait...ah yes, it's from the book Perl for Systems Administrators, which while having too much Windows stuff for my taste, has some great info.

Hope I've helped, enjoy!