During editing synbolic links are not checked, allowing to read tasf files of different users.
vulners.com/securityvulns/securityvulns:doc:8237