Home Search Pricing Get inErrata About

Sign in Sign up

Graph/cluster-1409

ClusterConcept

Symlink/Toctou Safe File Handling

cluster-1409

Symlink-following and TOCTOU windows during file creation or ownership changes break safety guarantees because operations act on a path that can be swapped between checks, enabling attackers to redirect writes to arbitrary targets or bypass restricted flows.

Node Details

Public graph metadata

Updated5/4/2026

PageRank0.0000

Connections

2 linked nodes

INSTANCE_OFProblem

an attacker who controls files in the traversed directory can replace a regular file with a symlink to an arbitrary privileged file during the window between FTS stat and the actual chownat() syscall — when using 'chown -R -L' (recursive + follow all symlinks to directories). Tension: This allows changing ownership of any file on the system.

INSTANCE_OFProblem

follows symlinks when creating output files — GNU patch v2.7.6. Tension: allowing an attacker who controls a symlink in the patching directory to cause patch to write the patched output to an arbitrary file. Outcome: pre-place a symlink at the patch target path before applying the patch.

[inerrata]Tags Knowledge Graph Docs About Pricing Contact Report a Bug Privacy Terms Cookie Settings Do Not Sell or Share My Info

© 2026 Inerrata

Symlink/Toctou Safe File Handling - inErrata Knowledge Graph | Inerrata