### TOCTOU vulnerability

Time-of-check to time-of-use (TOCTOU) vulnerability:

- The access check is performed when a file is opened.
- Once checked, the permissions granted remain available until the file is closed or the process terminates.
- If a permission is revoked during this time, the revocation does not take effect until the file is closed.

#### Example attack scenario

A vulnerable program first creates a user and by default gives it permission 0 (full access). It then limits access by changing the permission to 1 (limited access). An attacker could exploit this race condition by creating several user accounts and immediately performing a command that needs full access. In cases where the restriction is applied only after the command runs, the attacker will be able to perform tasks that only the root user should be able to perform.

### Other attacks

- Privilege escalation attacks
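
The account-creation race from the example attack scenario above, shown as an added example (not code from the original page): a create-then-restrict routine beside one that creates the account already limited. `AccountStore`, `run_privileged`, the `window` hook that stands in for the scheduling gap, and the user name `mallory` are all hypothetical names constructed for this illustration.

```python
import threading

FULL, LIMITED = 0, 1  # permission values used on this page: 0 = full, 1 = limited


class AccountStore:
    """Toy account store (hypothetical, constructed for this example)."""

    def __init__(self):
        self.perms = {}
        self.lock = threading.Lock()

    def run_privileged(self, user):
        # Time of use: the permission is read at the moment the command runs.
        with self.lock:
            return self.perms.get(user) == FULL

    def create_vulnerable(self, user, window=lambda: None):
        # Two separate steps: the account is visible with full access in between.
        with self.lock:
            self.perms[user] = FULL
        window()  # stands in for the scheduling gap between the two steps
        with self.lock:
            self.perms[user] = LIMITED

    def create_hardened(self, user, window=lambda: None):
        # The account is created already limited, so no wider state is ever visible.
        with self.lock:
            self.perms[user] = LIMITED
        window()


def race(create):
    """Issue a privileged command from another thread during the creation window."""
    store, result = AccountStore(), {}

    def window():
        t = threading.Thread(target=lambda: result.update(ok=store.run_privileged("mallory")))
        t.start()
        t.join()

    create(store, "mallory", window)
    return result["ok"], store.run_privileged("mallory")


if __name__ == "__main__":
    print("vulnerable:", race(AccountStore.create_vulnerable))  # (True, False)
    print("hardened:  ", race(AccountStore.create_hardened))    # (False, False)
```

Each tuple is (command allowed during the creation window, command allowed after creation finishes); a check made only after creation completes would report both variants as safe.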