Re: ssh-keygen: error if file is directory

There is another concept that I neglected to mention.  In cases where
something is checked and then later used there is a gap of time when
the thing that was checked might be moved out of the way and replaced
with a different thing before it is used.  That's a classic race
condition attack.  There is really nothing to attack here but the
concept is the same.

In that case adding the directory check pedantically does not prevent
there being a gap of time when a file might be replaced with a
directory and still hit this condition.  Also at the time of looking
for a directory it might not exist but then a directory might be
created after that point and before the save attempt also creating the
same condition.

It's always best to have atomic operations when possible.  In this
case the save fails and the error reason is emitted due to that
failure and it can't be anything other than exactly what the error
condition reports.  IMNHO.

Bob
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
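
The check-then-use gap described in the message above, as an added example that is not part of the original post and is not OpenSSH code. The names `save_direct`, `save_prechecked`, `become_dir` and `run_scenario` are hypothetical, and the `swap` callback is an assumption standing in for a concurrent process: the directory pre-check passes, the path then becomes a directory, and the save itself still fails with `EISDIR`.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Attempt the save with no pre-check; return 0 or the errno from the failure. */
static int save_direct(const char *path, const char *data)
{
    int fd = open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
    if (fd == -1) return errno;     /* e.g. EISDIR, decided at the time of use */
    int err = write(fd, data, strlen(data)) == (ssize_t)strlen(data) ? 0 : EIO;
    if (close(fd) == -1 && err == 0)
        err = errno;
    return err;
}

/* Check-then-use. swap() stands in for another process acting in the gap. */
static int save_prechecked(const char *path, const char *data,
                           void (*swap)(const char *), int *check_fired)
{
    struct stat st;
    *check_fired = stat(path, &st) == 0 && S_ISDIR(st.st_mode);
    if (*check_fired) return EISDIR;
    if (swap) swap(path);           /* path changes after the check passed */
    return save_direct(path, data); /* the save must handle EISDIR anyway */
}

static void become_dir(const char *path) { mkdir(path, 0700); }

/* Constructed scenario in a private temp dir; returns the save's errno. */
static int run_scenario(int *check_fired)
{
    char dir[] = "/tmp/toctou-XXXXXX", path[64];
    if (mkdtemp(dir) == NULL) return -1;
    snprintf(path, sizeof path, "%s/id_demo", dir);
    int err = save_prechecked(path, "constructed data\n", become_dir, check_fired);
    rmdir(path);
    rmdir(dir);
    return err;
}

int main(void)
{
    int fired, err = run_scenario(&fired);
    return printf("pre-check fired: %d, save: %s\n", fired, strerror(err)) < 0;
}
```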


