I am referring the following article learning symbolic link attacks:

struct stat st;
FILE * fp;
if (argc != 3) {
 fprintf (stderr, "usage : %s file message\n", argv [0]);
 exit(EXIT_FAILURE);
}

if (stat (argv [1], & st) < 0) {
 fprintf (stderr, "can't find %s\n", argv [1]);
 exit(EXIT_FAILURE);
}

if (st . st_uid != getuid ()) {
 fprintf (stderr, "not the owner of %s \n", argv [1]);
 exit(EXIT_FAILURE);
}

if (! S_ISREG (st . st_mode)) {
 fprintf (stderr, "%s is not a normal file\n", argv[1]);
 exit(EXIT_FAILURE);
}

sleep (25);

if ((fp = fopen (argv [1], "w")) == NULL) {
  fprintf (stderr, "Can't open\n");
  exit(EXIT_FAILURE);
}
 
fprintf (fp, "%s\n", argv [2]);
fclose (fp);
fprintf (stderr, "Write Ok\n");
exit(EXIT_SUCCESS);

Now when the program sleeps I rm the arg[1] (using another terminal ) which is the file name and then create a symbolic link for the same file. When I executed as its said in the article I am writing to the file the link is pointing into.

Then I used strace passed the same arguments its giving me "cant open" which means that I dont have access to the file passed as arg[1]. But this is not the case when I executed normally how is strace detecting this ?
Any help is very valuable.

I am writing my own application using ptrace to detect such attacks. I tried using inode numbers to detect this but my application is still referring to the inode number of the file which I am passing.