On 2009-10-24 Derek Martin wrote: > 1. It circumvents the fact that to write to a file, you MUST be able > to write to its directory, so that the file attributes can be updated.
Wrong, because the file's attributes aren't stored in the directory, but in the respective inode. Regards Ansgar Wiechers -- "All vulnerabilities deserve a public fear period prior to patches becoming available." --Jason Coombs on Bugtraq
