I picked these up through some compliance benchmarks, commonly applied to /tmp -- I'd exercise caution with these elsewhere, they're fairly restrictive