I was reading: https://en.wikipedia.org/wiki/Time-of-check_to_time-of-use They showed this code to be buggy and I totally understand why it’s so: But the real question is how to protect against this type of exploits? Answer You can use the O_NOFOLLOW flag. It will cause the open to fail if basename of the path is a symbolic link. That would solve the described attack.