(Also Time-of-Check to Time-of-Use, TOCTTOU, TOC/TOU)
TOCTOU attack definition
TOCTOU attack is a software exploit that happens when a system’s behavior depends on the timing between checking a condition and using the result.
It starts with the race condition between concurrent processes:
- Time-of-check. The system checks a certain condition or state to make a decision or perform an action. For example, a file existence check is performed to determine whether a file can be safely accessed or modified.
- Time-of-use. The system uses the result of the previous check to perform an action based on the assumption that the condition or state remains unchanged.
An attacker can exploit the time window between these two processes to manipulate the system’s behavior in an unintended or malicious way.
See also: privilege escalation
Dangers of a TOCTOU attack
- Unauthorized access. An attacker can gain unauthorized access to resources or perform actions they are not allowed to perform, bypassing security checks.
- Data integrity violation. An attacker can modify data or resources after they have been checked, leading to data integrity violations or unexpected behaviors.
- Elevation of privilege. An attacker can escalate their privileges or gain elevated access to the system by manipulating the timing between checks and uses.