...
A web browser that failed to check for these devices would allow an attacker to create a website with image tags such as <IMG SRCsrc="file:///dev/mouse" > that would lock the user's mouse.
...
| Wiki Markup |
|---|
When available (Linux 2.1.26126+, FreeBSD, Solaris 10, POSIX.1-2008), the {{O_NOFOLLOW}} should also be used, see \[[POS01-A. Check for the existence of links]\]. When {{O_NOFOLLOW}} is not available, symbolic link checks should use the method from \[[POS35-C. Avoid race conditions while checking for the existence of a symbolic link]\]. |
...