Knowing what to be concerned about in security is a skill, it is possible to overengineer security and put too much effort in non risks.

This reminds me of when a student was concerned about the client leaking the server's ip address.

Not saying that there aren't vulns, but the fix is fixing the bug and using a standard hardening mechanism like selinux or unix users. I strongly doubt that the root issue is the good old filesystem api everyone has been using for decades, it's more likely to be your code bro