> Hi,
>
> Ulrich Windl wrote:
> >
> >I have a different view: The current implementation does not make
> >sure that every process has a current working directory (i.e.
> >possibly it is not allowed to create ./tempfile). Although I'm not in
>
> If you are in a CWD where somebody can pull the rug from under you, then
> presumably you have a security problem with writing.
>
> On the other hand, if you can't delete a directory because somebody is
> using it, then you cannot do anything but bail out and die.
With the very same arguments you can allow to delete the disk image
of a running process in the very same way as you can delete a file
that is open for access. There is no reason other but historical why
this is like it is.
>
> Preventing random people from deleting your directory is a whole lot easier
> than preventing people from walking into your directories (which is
> impossible because of the guy named "root").
The guy named "root" can also delete your home directory while you
are in Emacs...
> I don't like the idea of a race condition where I can't ever be sure that
> my rmdir("/var/spool/whatever/job-0815") is successful at about 3 am
> because that's when my network backup is running.
Why would you want to do that? Your arguments are NOT convincing.
Ulrich