Prosphere - Security Concerns related to Discovery by UNIX Team

We've been using EMC Control Center for years and are now deploying ProSphere.

The Unix administrators are very concerned about the way ProSphere discovers and collects information from the unix/linux hosts.

1. ProSphere pushes out a file that then needs to be run as root (via sudo).  The Unix admins state they have no way of controlling what EMC is putting in the file.  It is possible to have a file with trojan commands be pushed out and run as root on every host.
2. The permissions/ownership of the file pushed out needs to be controlled better.
3. Using /tmp for the location of the file pushed out by ProSphere and run via sudo is not best practice.

Is anyone else running into these issues when deploying ProSphere?

Are security audits reviewing this discovery/management design and not finding any issues?

I tried to open a product enhancement request to correct these issues, but was told that development already knows about this and there are no plans to change the discovery/management process.

I did try to alleviate the Unix team concerns by:

• Reviewing the contents of the file pushed out by EMC with them.
• Attempting to put the reviewed file on the host and lock it down so that ProSphere did not push out a new version - but ProSphere complained that is could not push out the file.
• Link the location of the file in /tmp to a non-temp directory that is easier to secure on the host.

If there are other ways to address the Unix team concerns, please share the information.