Many vulnerbilities involving files and file operations rely on a program accessing a predetermined file or directory.
If the underlying file and directory structure is manipulated in a way that makes that program access a different file than the one intended, a program may access and use bad data .
leading to unintended program behavior
For instance, this is the technique used by many attacks targeting UNIX symlinks and Windows shortcuts.
Once the correct file has been opened, a program is no longer vulnerableto these types of attacks so long as the file is accessed via a file descriptor.
h2 Non-compliant Example 1
h2 Compliant Solution 1