1. It circumvents the fact that to write to a file, you MUST be able
to write to its directory, so that the file attributes can be updated.
Wrong, because the file's attributes aren't stored in the directory, but
in the respective inode.
"All vulnerabilities deserve a public fear period prior to patches
--Jason Coombs on Bugtraq