In my experience I think the biggest bottleneck that I've found is filesystem performance. FFS (Fast File System) is pretty freakin slow, and you should really consider redundancy options in case one of the drives fails because its tolerance for recovery from failure isn't the best. It definitely isn't the most optimal or sometimes even viable solution for when you need performance on the filesystem to be high.
Given these things though chances are a lot lower that someone finds something filesystem-level which constitutes a way to hide malicious code or whatever (For example NTFS and hiding malware in Alternative Data Streams [1] or messing around with timestamps [2], or local privilege escalation in Linux's filesystem layer being a big vector for attack lately [3] - Hell even WSL mounting /mnt/c/ as chmod 777 which can wreck some real havok in something as basic as a few lines of python or ruby like stealing your browser session cookies [4] or just wrecking your windows install by deleting system32 like a bad prank from a decade ago [5])
