It might have had to do with a reported "security exploit" by which a person could create a hard link to another file and then the auditing process wouldn't catch accesses to the new link. It was unclear whether this was a problem because the audit wouldn't see the access under the new name at all, or if it reported it only under the new name, or if it allowed one to bypass filesystem permissions somehow. Regardless, it didn't seem like a problem with the link itself, but how other elements of the OS dealt with it, and then only from a "it might do something other than what you expect" or "our other tools are broken" point of view.