> >>>>> "Richard" == Richard Earnshaw <rearnsha@arm.com> writes:
> 
> Richard> Hm, why not add a -rm option to find.  Then there can be no
> Richard> race, since we can bypass the inode->filename->inode
> Richard> translation (which is the root cause of the hole).
> 
> No, the race condition is still there; the window is just much
> smaller.  The getdents() call will return a filename, which you then
> stat().  But then you have to use the filename again when you
> unlink().  The problem with filenames is that they're sort of
> ephemeral; they're not guaranteed to not point to a different file
> from the last time you used them.
> 

So combine this with Dave's idea of a chdir.  Then all that unlink needs 
to be passed is the file in the current directory (rather than the path).  
If the stat isn't done until after the chdir then nothing that is unsafe 
can be changed between the stat and the unlink -- I am correct in thinking 
that unlink doesn't need an absolute pathname aren't I (it works on 
slowlaris), or does unlink add the current directory before passing it 
into the kernel?