Comment 4 for bug 732628

I'm not the expert on this topic, but for mount, you should be able to:

1- chdir into the mountpoint
2- perform your sanity checks using "."
3- mount using "."

That way, even if the attacker changes symlinks on the path, you should still be in the original directory he specified. If memory serves, that's what mount.cifs now does, so you might want to take a look at it's source.

For umount, newer kernels since 2.6.34 have a UMOUNT_NOFOLLOW flag, or you can use /bin/umount with --no-canonicalize.

Hope this helps.