Security is an eternal race between the techniques and technologies of attackers and those of defenders. Today, I’m proud to announce a step forward for defenders with a new rule to detect a literal race condition: TOCTOU (or TOCTTOU) vulnerabilities, known in long form as Time Of Check (to) Time Of Use.

With TOCTOU, the idea is that there’s a window of opportunity between when a privileged program checks a file (Does the file exist? Are permissions okay for what we’re about to do? …) and when it operates on that file (Create the file. Write to the file. …). In that window, an attacker could replace the file with, for example, a symlink to /etc/passwd, so that the operation you meant to perform on /home/ann/tmp is applied to an important system file instead.


How To Win The Race Against TOCTOU Vulnerabilities in C & C++