A time-of-check-to-time-of-use bug (TOCTTOU, pronounced "TOCK too") is a software bug caused by a change in the system between the "checking" of a condition (such as a security credential or a file permission) and the "use" of the result of that check. It is a kind of race condition: the check and the use are not performed atomically, so a concurrent actor can invalidate the check before the use takes place.
A simple example is as follows: Consider a Web application that allows a user to edit pages, but allows administrators to lock pages to prevent editing. A user requests to edit a page, getting a form by which they can alter its content. Before the user submits the form, an administrator locks the page, which should prevent editing. However, since the user has already begun editing, when they submit the form, their edits are accepted. When the user began editing, their authorization was "checked", and they were indeed allowed to edit. However, the authorization was "used" later, after they should no longer have been allowed.
"access" Example
In Unix, the following pattern in a setuid program is a TOCTTOU bug: the program calls "access" on a pathname and, if the call succeeds, goes on to operate on that same pathname (typically with "open"). Here, "access" is intended to check whether the real user who executed the setuid program would normally be allowed to read the file; that is, "access" checks against the real user ID, whereas the later operation is performed with the program's effective (privileged) user ID. The flaw is that the pathname is resolved twice, once by "access" and again by the later call, and nothing guarantees that it still names the same file the second time.
This race condition is vulnerable to the following attack:
1. Create a file that the unprivileged user can read.
2. Start the setuid program; its "access" check on the file succeeds.
3. Before the program uses the file, replace it with a symbolic link pointing to a file that the user should not be able to read. The program's subsequent "open" follows the link with its effective privileges.
Although this sequence of events requires precise timing, an attacker can arrange it without much difficulty: the window between the check and the use can be widened (for example by making the pathname slow to resolve), and the attempt can simply be repeated until it lands (see Borisov et al., "Fixing Races for Fun and Profit", in the references).
The implication is that the "access" system call, as it exists in Unix, should never be used as a security check on its own: it reports on whatever the pathname named at the instant of the call, which says nothing about the object a later call on the same pathname will operate on. At most it can serve as the first, optimistic step of a test and test-and-set pattern, where the real decision is made against the object actually obtained. In practice that means working with a file descriptor rather than a pathname: open the file once, then inspect what was opened with "fstat", or temporarily drop the effective privileges to the real user ID so that the "open" itself performs the permission check.
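The pattern above, written out as an added example rather than the article's own listing: a vulnerable "access"-then-"open" pair in which the attacker's move inside the race window is simulated by a callback, beside a hardened open that never checks a pathname at all. The scratch directory, the file names (public.txt, secret.txt, target) and the helper names (vulnerable_open, hardened_open, run_demo) are constructed for this demonstration. Because the example is not a real setuid binary, the hardened variant cannot drop privileges; it shows the descriptor-based half of the fix, refusing to follow a symlink and judging the file actually opened with "fstat".

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Vulnerable pattern from the text: access() answers for the real uid,
 * open() runs with the effective uid, and the pathname is resolved twice.
 * race_window stands in for whatever the attacker does between the calls
 * (in a real attack a scheduler gap, not a callback; constructed here). */
static int vulnerable_open(const char *path,
                           void (*race_window)(void *), void *arg)
{
    if (access(path, R_OK) != 0)          /* check: may the real uid read it? */
        return -1;
    if (race_window)
        race_window(arg);                 /* attacker re-points the name here */
    return open(path, O_RDONLY);          /* use: resolves the name again */
}

/* Hardened form: no pathname check.  Open once, refuse a symlink at the
 * final component, then judge the descriptor actually held.  A real
 * setuid program would also compare st.st_uid with getuid() here, or
 * drop its effective privileges before the open. */
static int hardened_open(const char *path)
{
    struct stat st;
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0)
        return -1;                        /* errno == ELOOP for a symlink */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode)) {
        close(fd);
        errno = EACCES;
        return -1;
    }
    return fd;
}

/* Constructed scratch environment for the demonstration. */
struct demo_env {
    char link[256];     /* the name the program checks and then opens */
    char secret[256];   /* file the user must not be able to read */
};

static int write_file(const char *path, const char *text)
{
    int fd = open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
    if (fd < 0)
        return -1;
    ssize_t n = write(fd, text, strlen(text));
    close(fd);
    return n == (ssize_t)strlen(text) ? 0 : -1;
}

/* The attacker's move inside the race window: swap the checked name. */
static void attacker_swap(void *arg)
{
    struct demo_env *e = arg;
    unlink(e->link);
    if (symlink(e->secret, e->link) != 0)
        perror("symlink");
}

/* Runs both opens across the race and returns a bitmask:
 *   bit 0: vulnerable_open() handed back the secret file's contents
 *   bit 1: hardened_open() refused the swapped symlink with ELOOP
 * Returns -1 if the scratch directory could not be set up. */
int run_demo(void)
{
    char dir[] = "/tmp/tocttou.XXXXXX";
    char pub[256], buf[32] = {0};
    struct demo_env e;
    int fd, result = 0;

    if (mkdtemp(dir) == NULL)
        return -1;
    snprintf(pub, sizeof pub, "%s/public.txt", dir);
    snprintf(e.secret, sizeof e.secret, "%s/secret.txt", dir);
    snprintf(e.link, sizeof e.link, "%s/target", dir);
    if (write_file(pub, "public\n") != 0 || write_file(e.secret, "SECRET\n") != 0
        || symlink(pub, e.link) != 0)
        return -1;

    /* Attack steps 1-3: readable when checked, swapped before use. */
    fd = vulnerable_open(e.link, attacker_swap, &e);
    if (fd >= 0) {
        if (read(fd, buf, sizeof buf - 1) > 0 && strcmp(buf, "SECRET\n") == 0)
            result |= 1;
        close(fd);
    }

    /* The same swapped name against the hardened open is refused outright. */
    errno = 0;
    if (hardened_open(e.link) < 0 && errno == ELOOP)
        result |= 2;

    unlink(e.link); unlink(pub); unlink(e.secret); rmdir(dir);
    return result;
}

int main(void)
{
    int r = run_demo();
    printf("vulnerable open leaked secret: %s\n", (r & 1) ? "yes" : "no");
    printf("hardened open refused symlink: %s\n", (r & 2) ? "yes" : "no");
    return r == 3 ? 0 : 1;
}
```

O_NOFOLLOW only protects the last path component; an attacker who controls a directory earlier in the path, or who can hard-link the secret under the checked name, is not stopped by it. That is why the robust fix for a setuid program is to make the open itself run with the real user's privileges, or to base every decision on the descriptor returned by a single open.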
References
* [http://www.usenix.org/events/sec05/tech/borisov.html Fixing Races for Fun and Profit: How to abuse atime]
* [http://www.usenix.org/events/fast08/tech/tsafrir.html Portably Solving File TOCTTOU Races with Hardness Amplification]