File Handling

File handling on Unix systems is NOT transactional. Many utilities first check access to a file and only later start modifying it. Between those two steps there is no guarantee whatsoever that the file name still points to the same inode or that the ownership is still the same. Again, the problem is worse with setUID programs.
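
The check-then-modify pattern described above, next to a form that opens the file once and checks the object behind the descriptor. This is an added example, not code from the original page; the function names, the expected-owner parameter and the /tmp demo files are assumptions made for illustration.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE /* exposes O_NOFOLLOW, O_CLOEXEC and mkstemp on glibc */
#endif
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Racy: the path is resolved twice, once by access() and again by open(). */
int open_racy(const char *path)
{
    if (access(path, W_OK) != 0)
        return -1;
    return open(path, O_WRONLY); /* the name may now refer to another inode */
}

/* Hardened: resolve the path once, then verify the object behind the fd. */
int open_checked(const char *path, uid_t owner)
{
    struct stat st;
    /* O_NOFOLLOW: no symlink as last component; O_NONBLOCK: no hang on a FIFO */
    int fd = open(path, O_WRONLY | O_NOFOLLOW | O_NONBLOCK | O_CLOEXEC);
    if (fd < 0)
        return -1;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) || st.st_uid != owner) {
        close(fd); /* not a regular file, or not owned by the expected user */
        return -1;
    }
    return fd;
}

/* Constructed test data: a temp file plus a symlink to it. Result bits: 1 = checked
 * open accepts the file, 2 = it refuses the symlink, 4 = racy open follows it. */
int demo(void)
{
    char file[] = "/tmp/toctou-demo-XXXXXX", link[64];
    int fd, bits = 0;
    if ((fd = mkstemp(file)) < 0) return -1;
    close(fd);
    snprintf(link, sizeof link, "%s.lnk", file);
    if (symlink(file, link) != 0) { unlink(file); return -1; }
    if ((fd = open_checked(file, geteuid())) >= 0) { bits |= 1; close(fd); }
    if ((fd = open_checked(link, geteuid())) < 0) bits |= 2; else close(fd);
    if ((fd = open_racy(link)) >= 0) { bits |= 4; close(fd); }
    unlink(link); unlink(file);
    return bits;
}
int main(void) { printf("result bits: %d (7 expected)\n", demo()); return 0; }
```

O_NOFOLLOW only covers the final path component, so a parent directory that another user can write to still lets the name be redirected before open() runs.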

Additional problems with files are directory rights (watch who has write permissions in parent directories) and, especially, filenames with spaces, which are split into several parameters in shell scripts if not properly quoted.