The long road to a fix for CVE-2021-20316

Bind mounts are an interesting case. They're much newer than symlinks, and the security implications of allowing any user to perform them are not yet well explored. But they are a separate user-initiated operation which is not normally exposed over network filesystems, making them really a local-only attack.

They actually change the view of the filesystem hierarchy in a way that symlinks don't. Symlinks are a point attack that can modify a specific path quickly and easily to anywhere on the filesystem if allowed or exposed over a network filesystem. IMHO they are much more dangerous.