I don't think that this is particularly good advice. Please correct me if I am wrong, but the CGI docs clearly state that temp dirs are found in the following order:
~user/tmp
$ENV{TMPDIR}
the usual suspects (/usr/tmp, /var/tmp, C:\temp, /tmp, /temp, ::Temporary Items, and \WWW_ROOT)
I don't see any mention of it looking at the value of $TempFile::TMPDIRECTORY (whatever that might be) and I certainly wouldn't recommend anyone start hacking CGI.pm.
You are right. But what if he or his sysadmin created another tmp directory, and disabled all the places, where CGI.pm looks after? I don't think that's impossible. What can he do then instead of hacking?