i found three gif images pointing to www.tempelton.com
with adds to buy viagra...
i'm pretty sure i never visited that site...
i wonder how these files ended in /tmp??
it is world writeble (drwxrwxrwt)
so anyone can copy whatever they want to /tmp!?

/tmp is designed for temporary storage by all applications. To write anything they want they have to get to your box. It may be you hit another site or opened an email that had these files as attachments. Since they're in /tmp its safe to delete them.

files from internet should be store in browser cache?
... i never saw image files in /tmp before...

so anyone can copy whatever they want to /tmp!?
That's what /tmp is for. If you don't run SELinux or GRSecurity I suggest you:
- at least mount your temporary partitions (if they are partitions) with the "noexec,nosuid,nodev" flags (note you'll have to test noexec and nodev as it may break some applications),
- use a tmpwatch cronjob to clean up /tmp and
- if you run publicly accessable services use a tool to monitor system (and temporary) directories for files with changing and unexpected permissions like setuid root ones.


... i never saw image files in /tmp before...
What's the date they where put there and who owns them?

i have "/" and "/home" partitions...
didn't check files... too hurry to delete them
what will happen when i set this to /tmp - drwxrwxr-t

Then users who are not part of the owner or group the directory is owned by will not be able to write to it (that includes your unprivileged user account).

if i change permissions like this:
drwxrwx--t 6 root "usergroup" 4096 2006-10-03 23:28 tmp

root and "usergroup" users have accsess...
sticky bit valid for "usergroup" users??
will system run properly??

Since you're bent on experimenting, why don't you just try?
I mean it's not destructive or irreversible.
Just reboot and see.