Symbolic Links Considered Harmful

webinar

Author(s)/Presenter(s): Jeremy Allison

Library Content Type: Presentation

Abstract

The UNIX Filesystem API is profoundly broken, and user-settable symbolic links are to blame. In this talk I will explain how CVE-2021-20316 made me realize how symbolic links, introduced in 4.2BSD Unix from U.C. Berkeley, broke the previously elegant UNIX file system API and file system design. The design and implementation of symbolic links have caused years' worth of security flaws and API patches to fix a conceptually broken idea. I also propose a modest suggestion in order to help Linux step away from this mess to a more secure-by-design future.

  • Security problems with symbolic links on file systems.
  • How to fix code to deal with symbolic link security problems.
  • Latest Linux innovations to help solve the problem.