> I will do that. But if we get that far away, it would make sense to
> integrate this back into libc, so that the behavior would be fixed in
> any program. /bin/sh suffers the same problem than ftpd.

I've not looked at what /bin/sh does, IIRC it isn't too complicated
and I had to fix it to get 'cd -' to do anything sensible anyway.

ksh typically remembers how you got somewhere, so 'cd ..' will
take you back over a symlink.

ftpd is, however, much more likely to be in/below a directory that
doesn't have read permissions.

Of course the tracked path is also wrong of someone moves a
directory further up the path.

> But is it POSIX-safe? 

Who knows!
Device/inode pairs are expected to uniquely identify files,
but some filesystems (eg dosfs and layered ones) do have a
bit of trouble generating unique numbers.

What I haven't checked is whether you are allowed to open()
a directory if you only have search permissions.

	David

-- 
David Laight: david@l8s.co.uk