It appears that in rc_node_delete() near rc_node.c:3359, we drop our node lock while checking permissions. I'm trying to understand whether this is a rule, as I can see no other reason for dropping the lock there. If so, three calls to rc_node_modify_permission_check() seem to be in error; they are made while holding a node lock, despite that function's non-use of anything which could be protected by it.
For the curious, the context is avoiding deadlock within configd in the face of an NSS module which may call, e.g., scf_simple_prop_get. -- Keith M Wesolowski "Sir, we're surrounded!" FishWorks "Excellent; we can attack in any direction!"
