...
A web browser that failed to check for these devices would allow an attacker to create a website with image tags such as <IMG src="file:///dev/mouse" > that would lock the user's mouse.
...
Noncompliant Code Example
In this example, the user can specify a locked device or a FIFO file name, causing the program to hang on the call to fopen().
...
When available (Linux 2.1.126+, FreeBSD, Solaris 10, POSIX.1-2008), the O_NOFOLLOW flag should also be used (see POS01-AC. Check for the existence of links when dealing with files). When O_NOFOLLOW is not available, symbolic link checks should use the method from POS35-C. Avoid race conditions while checking for the existence of a symbolic link.
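The following is an added example, not code from the original page: one way to open a user-supplied name without hanging on a FIFO or following a symbolic link, then confirm the opened object is a regular file. The names open_regular_file and demo_accepts are hypothetical, the use of O_NONBLOCK with fstat() is an assumption about the intended technique, and the temporary files are constructed for the demonstration.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Returns a blocking read-only descriptor, or -1 if path is a symlink,
 * FIFO, device, directory, or cannot be opened. (Hypothetical helper.) */
int open_regular_file(const char *path) {
    /* O_NONBLOCK: open() on a FIFO with no writer returns at once.
     * O_NOFOLLOW: open() fails if the final path component is a symlink. */
    int fd = open(path, O_RDONLY | O_NONBLOCK | O_NOFOLLOW);
    if (fd == -1) return -1;
    struct stat st;
    /* fstat() checks the object actually opened, not the path (no race). */
    if (fstat(fd, &st) == -1 || !S_ISREG(st.st_mode)) {
        close(fd);
        return -1;
    }
    /* Restore blocking I/O for ordinary reads. */
    int flags = fcntl(fd, F_GETFL);
    if (flags == -1 || fcntl(fd, F_SETFL, flags & ~O_NONBLOCK) == -1) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Constructed demo: kind 'r' = regular file, 'f' = FIFO, 'l' = symlink to
 * the regular file. Returns 1 if accepted, 0 if rejected, -1 on setup error. */
int demo_accepts(char kind) {
    char dir[] = "/tmp/fio32XXXXXX", reg[64], other[64];
    if (!mkdtemp(dir)) return -1;
    snprintf(reg, sizeof reg, "%s/reg", dir);
    snprintf(other, sizeof other, "%s/other", dir);
    int fd = open(reg, O_CREAT | O_WRONLY, 0600);
    if (fd == -1) return -1;
    close(fd);
    if (kind == 'f' && mkfifo(other, 0600) == -1) return -1;
    if (kind == 'l' && symlink(reg, other) == -1) return -1;
    fd = open_regular_file(kind == 'r' ? reg : other);
    if (fd != -1) close(fd);
    unlink(other); unlink(reg); rmdir(dir);
    return fd != -1;
}

int main(void) {
    printf("%d %d %d\n", demo_accepts('r'), demo_accepts('f'), demo_accepts('l'));
}
```

The FIFO case returns immediately instead of blocking because the type check happens on the descriptor after a non-blocking open.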
...
Automated Detection
Fortify SCA Version 5.0 can detect violations of this rule.
...