address review comments

src/lib.rs

@@ -26,12 +26,14 @@
 //! In the presence of pathological temporary file cleaner, relying on file paths is unsafe because
 //! a temporary file cleaner could delete the temporary file which an attacker could then replace.
 //!
-//! `tempfile` doesn't rely on file paths, so this should not be an issue. However,
-//! `NamedTempFile` does rely on file paths for _some_ operations. On Unix-like
-//! operating systems and depending on your use case, it may be possible to
-//! mitigate this issue by overriding the crate's default options. For more information,
-//! consult the Security documentation of the [`NamedTempFile`] type,
-//! [`Builder::permissions`] and [`env::override_temp_dir`].
+//! This should not be an issue for `tempfile`, as it does not rely on file paths
+//! and a temporary file's default permissions on Unix is 0600 by default.
+//! However, `NamedTempFile` does rely on file paths for _some_ operations.
+//! Take a look at the Security documentation of [`NamedTempFile`] for more information.
+//!
+//! On Unix-like operating systems and depending on your use case, it may be possible to
+//! mitigate this issue by overriding the crate's default options for temporary
+//! directories. See [`Builder::permissions`] and [`env::override_temp_dir`].
 //!
 //! The OWASP Foundation provides a resource on vulnerabilities concerning insecure
 //! temporary files: https://owasp.org/www-community/vulnerabilities/Insecure_Temporary_File
@@ -175,7 +177,7 @@ pub use crate::file::{
 };
 pub use crate::spooled::{spooled_tempfile, SpooledData, SpooledTempFile};
 
-/// Create a new temporary file or directory with custom parameters and permissions.
+/// Create a new temporary file or directory with custom options.
 #[derive(Debug, Clone, Eq, PartialEq)]
 pub struct Builder<'a, 'b> {
     random_len: usize,