How Hard Is It To Open a File?
Summary
A deep dive into the complexities of securely opening files across privilege boundaries. It explains TOCTOU races, path traversal, and why using file descriptors and FD-based APIs is safer than path-based calls, with GNOME libglnx as an example and Flatpak security lessons.