Disallow applications containing symlinks that point outside of the bundle

[jspahrsummers]

A symlink attack could be used against such an application, to allow malicious code to be installed (possibly with superuser permissions, in the case of a privileged install).

This wouldn't really be a bug in Squirrel, but it might be something we should prevent on behalf of client applications.