An attacker positions a symbolic link in such a manner that the targeted
						user or application accesses to the link's endpoint, assuming that it is
						accessing a file with the link's name. The endpoint file may be either
						output or input. If the file is output, the result is that the endpoint is
						modified, instead of a file at the intended location. Modifications to the
						endpoint file may include appending, overwriting, corrupting, changing
						permissions, or other modifications. In some variants of this attack the
						attacker may be able to control the change to a file while in other cases
						they cannot. The former is especially damaging since the attacker may be
						able to grant themselves increased privileges or insert false information,
						but the latter can also be damaging as it can expose sensitive information
						or corrupt or destroy vital system or application files. Alternatively, the
						endpoint file may serve as input to the targeted application. This can be
						used to feed malformed input into the target or to cause the target to
						process different information, possibly allowing the attacker to control the
						actions of the target or to cause the target to expose information to the
						attacker. Moreover, the actions taken on the endpoint file are undertaken
						with the permissions of the targeted user or application, which may exceed
						the permissions the attacker would normally have.