Currently, the only usable symlinks (safe_open* functions) are when the user and group of the link are the same as the destination.
It may be inconvenient for users, and we could probably make it less restrictive in some other cases:
- Symlinks owned by root
- Symlinks owned the the user currently running the agent
Do you see any potential risk with this change?