imwheel-solo in imwheel package allows local users to modify arbitrary files via a symlink attack from the .imwheelrc file.