# we have checked for both existence and "type == symlink" on the same
+ stat call,
# so either it's a link, or it's non-existent, or it's safe to write o
Or you open
ed the symlink, someone replaced it with a regular file, and you stat
ted that. Again, you can make it pretty hard to exploit, but you can't get rid of it entirely without either doing it atomically at the time of the open
) or can check on the filehandle you actually have open (and not what that name points to now).
What might work (but I'm not at all certain) would be to stat the filehandle you have open, stat the file you thought you opened, and confirm that they have the same inode and that it isn't a symlink.