It seems that the effect of changing permissions on a file is delayed. I just tested Mac OS 10.4.5. I used two accounts (user names), X and Y. I used shell windows in each. In shell X I said

    cat > test
    abc def

In shell Y I said

    tail -f /Users/X/test

and saw

    abd def

Then in another shell window for X I said

    chmod 600 test

so as to keep subsequent modifications to test secret. I then typed “Big secret” in the first X shell. “Big secret” emerged in the Y shell window!

I escalated the defense by closing the file using control-d after chmod 600. I then appended to the file with

    cat >> test
    Bigger Secret

That too came out on Y's window.
The program tail does not have setuid. The problem is in the kernel.
If X deletes file test and recreates another named test, then the tail program loses access.
I think you can explain all by saying that the permissions bits control the opening of the file, not the reading of it. Deleting the file terminates all access and new files by the old name are indeed new and readers thereof must reopen to continue reading.
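
The behaviour described above, reproduced as an added example that is not part of the original page. It assumes a POSIX system, and a single process plays both roles: the descriptor `fd` stands in for Y's running tail, and the temporary file and the name `demo` are constructed for illustration. It shows that chmod leaves an open descriptor readable, while writing the secret to a fresh file created with mode 600 and renaming it over the old name cuts the old reader off.

```python
import os
import stat
import tempfile


def read_new(fd):
    """Return whatever new bytes an already-open descriptor can read."""
    return os.read(fd, 4096).decode()


def demo():
    seen = {}
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "test")

        # X creates a world-readable file (constructed sample content).
        with open(path, "w") as f:
            f.write("abc def\n")
        os.chmod(path, 0o644)

        # Y opens it. The permission bits are checked here, once.
        fd = os.open(path, os.O_RDONLY)
        seen["initial"] = read_new(fd)

        # X tightens the mode and appends. The open descriptor is unaffected.
        os.chmod(path, 0o600)
        with open(path, "a") as f:
            f.write("Big secret\n")
        seen["after_chmod"] = read_new(fd)
        seen["mode_via_fd"] = stat.S_IMODE(os.fstat(fd).st_mode)

        # Mitigation: put the secret in a new file that is private from
        # creation, then rename it over the old name.
        tmp = path + ".new"
        nfd = os.open(tmp, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
        os.write(nfd, b"Bigger Secret\n")
        os.close(nfd)
        os.replace(tmp, path)

        # The old descriptor still refers to the old file, which gets no
        # further data; the name now refers to a different inode.
        seen["after_replace"] = read_new(fd)
        seen["same_inode"] = os.fstat(fd).st_ino == os.stat(path).st_ino
        os.close(fd)
    return seen


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value!r}")
```

Comparing `os.fstat(fd).st_ino` with `os.stat(path).st_ino` is also how a reader can notice that the name it opened now points at a different file and must be reopened, at which point the new permissions apply.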