Hi, I wouldn't call this a new class of vulnerabilities, it's just one of the symptons of a lack of secure programming in a concurrent environment. Unix-like systems are full of it; I guess there's probably a couple of hundreds of programs in Debian that make use of access(2) for permission checks etc.
I think the severity is only minor, because the timespan for a possible exploit is so minimal, that an attacker would need some fam-like mechanism to monitor the file and still the gain would be small. Cheers, Moritz -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]