A QA is not well suited for such kind of questions, as they require a longer post (a technical blog/article) to answer properly.
These two concepts are not new, and they are not specific to Kubernetes or containers. Symlinks are used to link files and other resources from the file system to a more central repository. On Linux, think of adding a resource to
/usr/local/bin/
directory to be able to use it from the terminal. Environment variables, on the other hand, are key-value pairs that are used to get values based on the key you pass.
Passing the security credentials is always risky when being passed from symlinks, or environment variables. You should use the secure stores provided by the platform. Kubernetes has these Secret values that you must use; how it works internally, please refer to the documentation.
Distribute Credentials Securely Using Secrets - Kubernetes[
^]