On-disk format robustness requirements for new filesystems

I recently discovered one can craft FAT32 filesystems containing filenames which break POSIX guarantees, and they'll be gladly accepted by the Linux driver. For instance, you can get a file named ../../dev/sda that'll break just about every userspace tool acting on it. And no, that's not even a symlink, so typical countermeasures will fail to reject it. Imagine mounting that from a USB drive into /mnt/stick and something privileged comes along writing into /mnt/stick/../../dev/sda, because it totally looks like a regular file.