UNIX for Dummies Questions & Answers

Hello,

I was reading the man pages of find and it says that the -exec option should not be used. I read the following about the recommended option, -execdir:

Code:

 -execdir command {} +
              Like -exec, but the specified command is run from the  subdirec‐
              tory  containing  the  matched  file,  which is not normally the
              directory in which you started find.  This a  much  more  secure
              method  for invoking commands, as it avoids race conditions dur‐
              ing resolution of the paths to the matched files.  As  with  the
              -exec option, the '+' form of -execdir will build a command line
              to process more than one matched file, but any given  invocation
              of command will only list files that exist in the same subdirec‐
              tory.  If you use this option, you must ensure that  your  $PATH
              environment  variable  does not reference the current directory;
              otherwise, an attacker can run any commands they like by leaving
              an appropriately-named file in a directory in which you will run
              -execdir.

I do not really follow the explanation well.

Question 1: What is this race condition they arte talking about?
Question 2: Why if a hacker leaves a file in a directory that the execdir will examine poses a risk? Does the execdir option RUN every file?

Answer 1:
A race condition is when tasks are going in parallel and sometimes the one is sooner finished than the other. Sometimes it will be ok since you expected that the 1st task will finish as 1st and the 2nd as 2nd, but sometimes it could be that the 2nd finishes earlier and so with gives you an awkward or unexpect result.
Race condition - Wikipedia, the free encyclopedia

Answer 2:
Some people use the dot "." in their $PATH. This is good for being lazy since you don't have to use dot-slash to execute a file like ./myscript. But, it can be that there might be some evil person on the box, that put's a self-made ls command in one of your directories. So when the dot in $PATH is not at the end of the list and after the dot there is for example /usr/bin, then not ls from /usr/bin will be taken but the ls from your directory, where you currently stand is. This self-made ls by the evil person can contain something funny, but it can also have very malicious code in it that you don't want to execute like deleting files, thrashing the system etc. corrupting data or exposing data outside.
I usually never have the dot in my $PATH, not even at the end. I type so much every day that I don't mind adding a ./ in front of the things I want to execute.