 
                            ...
Frequently, there is no need to check for the existence of symbolic links because this problem can be solved using other techniques. When opening an existing file, for example, the simplest solution is often to drop privileges to the privileges of the user. This solution permits the use of links while preventing access to files for which the user of the application is not privileged.
When creating new files, it may be possible to use functions that only create a new file where a file does not already exist. This prevents the application from overwriting an existing file during file creation (see FIO03-A. Do not make assumptions about fopen() and file creation).
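The exclusive-creation approach described above, shown as an added example that is not part of the original page: POSIX open() with O_CREAT | O_EXCL refuses a name that already exists, including a symbolic link planted at that name. The helper names create_and_write and link_is_refused and the /tmp paths are assumptions made for this illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper (not from the page): create file_name only if nothing
 * exists at that path. O_CREAT | O_EXCL makes open() fail with EEXIST when the
 * name is present, including when it is a symbolic link (even a dangling one).
 * Returns 0 on success, -1 on error with errno set by the failing call. */
int create_and_write(const char *file_name, const char *data) {
    int fd = open(file_name, O_WRONLY | O_CREAT | O_EXCL, S_IRUSR | S_IWUSR);
    if (fd == -1) return -1;
    size_t len = strlen(data);
    int rc = (write(fd, data, len) == (ssize_t)len) ? 0 : -1;
    if (close(fd) == -1) rc = -1;
    return rc;
}

/* Constructed scenario: a link sitting at the expected output name points at
 * a "protected" file. Returns 1 if creation is refused with EEXIST and the
 * protected file is unchanged, 0 otherwise, -1 if the setup itself failed. */
int link_is_refused(void) {
    char dir[] = "/tmp/pos01_XXXXXX", target[64], link_path[64];
    struct stat st;
    if (mkdtemp(dir) == NULL) return -1;
    snprintf(target, sizeof target, "%s/protected", dir);
    snprintf(link_path, sizeof link_path, "%s/output", dir);
    if (create_and_write(target, "keep") != 0 || symlink(target, link_path) != 0)
        return -1;
    errno = 0;
    int refused = create_and_write(link_path, "user data") == -1 && errno == EEXIST;
    int intact = stat(target, &st) == 0 && st.st_size == 4; /* still "keep" */
    unlink(link_path);
    unlink(target);
    rmdir(dir);
    return refused && intact;
}

int main(void) {
    printf("link refused, target intact: %d\n", link_is_refused());
    return 0;
}
```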
...
This non-compliant code example opens the file specified by the string file_name for read/write access and then writes user-supplied data to the file.
...
If the process is running with elevated privileges, an attacker can exploit this code by, for example, replacing the file with a link to the /etc/passwd authentication file. The attacker can then overwrite data stored in the password file to create a new root account with no password. As a result, this attack can be used to gain root privileges on a vulnerable system.
...