PS: FWIW, the equivalent bug on the Linux side is instructive. It had been
_mostly_ fixed about 3 years ago, by a patch that had completely missed
a) SMP ordering issues making the fix incomplete
b) similar hole in another turd (dnotify instead of FPOSIX locks)
c) all security implications.
And having talked to the guy who'd done the original changeset I'm
fairly sure that this was no coverup...