.tempfile permissions don't seem to work, I don't know when they broke. You're not supposed to be able to open files outside of the patterns in the PermitFileReading array, but that doesn't seem to work for me e.g.:
$ strace -fefile gs -sDEVICE=ppmraw -dSAFER
GS>(/proc/self/cwd/hello) (w) .tempfile
open("/proc/self/cwd/hello26E8LQ", O_RDWR|O_CREAT|O_EXCL, 0600) = 3
This means you can create a file in any directory (I don't think you can prevent the random suffix).