Subject: Re: coredump following symlinks
To: Manuel Bouyer <firstname.lastname@example.org>
From: Bill Sommerfeld <email@example.com>
Date: 08/27/1999 11:03:43
> This would mean the kernel gets interrupted, and another process gets
> runnable once IRQ is handled, right ?
Or, with SMP, another process gets in sideways because we're not
holding anything locked between the two namei() calls.
> Is this possible ?
If not now, it's likely to be in the future.
> Do you have an idea on how to solve this ? I'm not really familiar with
> VFS ...
It's not specific to VFS; it's a classic security gotcha with any kind
of kernel where you check one thing and then operate on another.
Just don't allow coredumps through symlinks, since it's of dubious
value now that corefiles are named "progname.core" anyway.
Over on tech-security I just proposed a "coredump filename format"
process attribute which would give the folks creating ~/core symlinks
what they really want, which is a way to control where the coredumps
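A userland illustration of the check-then-operate race discussed in this thread, added here as an example; it is not code from the original message nor from the NetBSD coredump path. The two kernel namei() calls are stood in for by lstat() followed by open() on the same name, the interrupt/SMP window by a hypothetical hook in which the "attacker" swaps the checked file for a symlink, and the victim file, scratch directory and payload are constructed for the demo. The hardened variant implements "don't dump through symlinks" with a single O_NOFOLLOW open followed by checks on the descriptor (my choice of fix for userland, not the one the thread settled on).

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L /* lstat, symlink, ftruncate, O_NOFOLLOW */
#endif
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical hook standing in for the interrupt / SMP window between the
 * two lookups; the "attacker" runs inside it. */
typedef void (*race_hook)(const char *corepath);

/* Vulnerable pattern: lookup #1 (lstat) checks the name, lookup #2 (open)
 * operates on whatever the same name resolves to by then. */
int dump_core_racy(const char *corepath, const char *payload, race_hook hook)
{
    struct stat st;
    if (lstat(corepath, &st) == 0 && S_ISLNK(st.st_mode))
        return -1;                 /* check: no dumping through a symlink */
    if (hook != NULL)
        hook(corepath);            /* another process gets in here */
    int fd = open(corepath, O_WRONLY | O_CREAT | O_TRUNC, 0600); /* use */
    if (fd < 0)
        return -1;
    ssize_t n = write(fd, payload, strlen(payload));
    close(fd);
    return n == (ssize_t)strlen(payload) ? 0 : -1;
}

/* Hardened pattern: one lookup that refuses a symlink as the final component
 * (O_NOFOLLOW); every later check is on the descriptor, which no other
 * process can redirect. */
int dump_core_safe(const char *corepath, const char *payload, race_hook hook)
{
    struct stat st;
    if (hook != NULL)
        hook(corepath);            /* even if the swap already happened... */
    int fd = open(corepath, O_WRONLY | O_CREAT | O_NOFOLLOW, 0600);
    if (fd < 0)
        return -1;                 /* ...open fails with ELOOP on a symlink */
    if (fstat(fd, &st) < 0 || !S_ISREG(st.st_mode) || st.st_nlink != 1 ||
        st.st_uid != getuid() || ftruncate(fd, 0) < 0) {
        close(fd);                 /* not a plain file of ours: refuse */
        return -1;
    }
    ssize_t n = write(fd, payload, strlen(payload));
    close(fd);
    return n == (ssize_t)strlen(payload) ? 0 : -1;
}

/* ---- constructed demo: a victim file the attacker wants overwritten ---- */
static char g_victim[160];

static void attacker_swap(const char *corepath)
{
    unlink(corepath);              /* remove the file that passed the check */
    if (symlink(g_victim, corepath) < 0)   /* point the name at the victim */
        perror("symlink");
}

/* Runs one dumper against attacker_swap in a scratch directory. Returns 1 if
 * the victim's contents were overwritten, 0 if they survived, -1 on setup
 * failure; *dump_rc receives the dumper's own return value. */
int demo(int (*dumper)(const char *, const char *, race_hook), int *dump_rc)
{
    static int seq;
    char dir[96], corepath[192], buf[32];
    const char *base = access("/tmp", W_OK) == 0 ? "/tmp" : ".";
    snprintf(dir, sizeof dir, "%s/coredemo.%ld.%d", base, (long)getpid(), seq++);
    if (mkdir(dir, 0700) < 0)
        return -1;
    snprintf(corepath, sizeof corepath, "%s/prog.core", dir);
    snprintf(g_victim, sizeof g_victim, "%s/victim", dir);
    int fd = open(g_victim, O_WRONLY | O_CREAT | O_TRUNC, 0600);
    if (fd < 0 || write(fd, "secret", 6) != 6)
        return -1;
    close(fd);
    fd = open(corepath, O_WRONLY | O_CREAT | O_TRUNC, 0600); /* innocent file */
    if (fd < 0)
        return -1;
    close(fd);
    *dump_rc = dumper(corepath, "CORE", attacker_swap);
    int clobbered = 0;
    fd = open(g_victim, O_RDONLY);
    if (fd >= 0) {
        ssize_t n = read(fd, buf, sizeof buf - 1);
        close(fd);
        if (n >= 0) {
            buf[n] = '\0';
            clobbered = strcmp(buf, "secret") != 0;
        }
    }
    unlink(corepath);
    unlink(g_victim);
    rmdir(dir);
    return clobbered;
}

int racy_clobbers_victim(void) { int rc; return demo(dump_core_racy, &rc) == 1 && rc == 0; }
int safe_refuses(void)         { int rc; return demo(dump_core_safe, &rc) == 0 && rc == -1; }

int main(void)
{
    printf("racy dumper overwrote the victim: %d\n", racy_clobbers_victim());
    printf("hardened dumper refused, victim intact: %d\n", safe_refuses());
    return 0;
}
```

The racy dumper passes its lstat() check on an innocent regular file, the hook replaces it with a symlink, and the second lookup happily truncates and writes the victim. The hardened dumper never trusts the name: O_NOFOLLOW makes the open itself fail on a symlink, and the fstat() checks (regular file, single link, owned by the dumping uid) are made on the object actually opened, so there is nothing left between the check and the write for another process to get in sideways.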