IMHO that behavior for file_name_lookup_under is clearly wrong, and perhaps dangerously so.
The original point of using something that resolves to dir_lookup("/",...)
rather than a lookup of "." is that it should not require actual lookup
permission, but should still require that it be a directory. So, if you
have an fd on which you don't have read or execute (lookup) permissions,
then fdopendir should fail with ENOTDIR rather than EACCES.
Thanks,
Roland
