
What does this have to do with anything even remotely related to this article, other than it being a webserver? Symlink takeover is not a new vulnerability, and if someone has a user account on your server, you're already owned anyway. Escalating to root is trivial almost always.



The author spends the beginning of the article talking about how he takes security very seriously, that his webserver is practically uncompromisable, and that the odds of it being compromised are so remote because he has "the reflexes of a highly trained ninja" and doesn't run nginx as root.

I'm pointing out that his server isn't as uncompromisable as he's trying to lead the reader to believe.


If the author is truly a "ninja" they wouldn't be running their web application as the nginx www-data user in the first place, and then a web application exploit wouldn't inherently give anyone access to the nginx user either to exploit the log-rotation mechanism via symlink. One can read more about the CVE you linked here[1]. But basically the gist of it is this:

> As the /var/log/nginx directory is owned by www-data, it is possible for local attackers who have gained access to the system through a vulnerability in a web application running on Nginx (or the server itself) to replace the log files with a symlink to an arbitrary file.

This assumes the web application is also running as www-data, which wouldn't be that smart.

[1] https://legalhackers.com/advisories/Nginx-Exploit-Deb-Root-P...
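A defender-side check for the condition the quoted advisory describes, added here as an example that is not part of the thread or the advisory: it flags a log directory whose owner or mode lets a non-root account replace entries, and any entry that is already a symlink. The root-only trusted set and the sample directory are assumptions and constructed data.

```python
import os
import stat
import tempfile


def audit_log_dir(log_dir, trusted_uids=frozenset({0})):
    """Return (path, issue) findings for a log directory.

    Assumption of this example: only uids in trusted_uids (root by
    default) should be able to create or replace entries in log_dir.
    """
    st = os.lstat(log_dir)  # lstat: never follow a link while auditing
    if stat.S_ISLNK(st.st_mode):
        return [(log_dir, "log directory is itself a symlink")]
    findings = []
    if st.st_uid not in trusted_uids:
        findings.append((log_dir, f"owned by untrusted uid {st.st_uid}"))
    if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        findings.append((log_dir, "group- or world-writable"))
    for name in sorted(os.listdir(log_dir)):
        path = os.path.join(log_dir, name)
        if stat.S_ISLNK(os.lstat(path).st_mode):
            findings.append((path, f"symlink to {os.readlink(path)}"))
    return findings


def build_sample_dir():
    """Constructed sample: one regular log, one log replaced by a symlink."""
    root = tempfile.mkdtemp(prefix="logaudit-")
    log_dir = os.path.join(root, "nginx")
    os.mkdir(log_dir)
    os.chmod(log_dir, 0o755)  # fixed mode regardless of umask
    outside = os.path.join(root, "outside-file")
    open(outside, "w").close()
    open(os.path.join(log_dir, "access.log"), "w").close()
    os.symlink(outside, os.path.join(log_dir, "error.log"))
    return log_dir


if __name__ == "__main__":
    sample = build_sample_dir()
    # The sample is owned by whoever runs this, so that uid is trusted here;
    # on a real host keep the default and pass the real log directory.
    for path, issue in audit_log_dir(sample, trusted_uids={os.getuid()}):
        print(f"{path}: {issue}")
```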


From the article...

> My site is static too, which means it’s only being hosted through nginx from a non-root user.


Yeah, so then you have to exploit nginx, not a web application. Good luck with that. If someone can get RCE through nginx alone, you're already toast.



