removed Template:Multiple issues & general fixes using AWB (7961) |
No edit summary |
In [[software development]], '''time of check to time of use''' ('''TOCTTOU''', pronounced "''TOCK too''") is a class of [[software bug]] caused by changes in a system between the ''checking'' of a condition (such as a security credential) and the ''use'' of the results of that check.
A simple example is as follows: Consider a Web application that allows a user to edit pages, and also allows administrators to lock pages to prevent editing. A user requests to edit a page, getting a form by which he can alter its content. Before the user submits the form, an administrator locks the page, which should prevent editing. However, since the user has already begun editing, when he submits the form, his edits are accepted. When the user began editing, his authorization was ''checked'', and he was indeed allowed to edit. However, the authorization was ''used'' later, after he should no longer have been allowed.
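The page-locking scenario above can be reproduced with a small in-memory model. This is an added example, not part of the original article; the <code>Wiki</code> class, its method names and the sample user and page are hypothetical. It contrasts a submit handler that trusts the earlier check with one that re-evaluates the lock at the moment of use.

```python
import threading

class Wiki:
    """Constructed in-memory page store; all names are hypothetical."""
    def __init__(self):
        self._mutex = threading.Lock()
        self.pages = {"Home": "original text"}
        self.locked = set()
        self.edit_tokens = set()   # (user, title) pairs that passed the check

    def begin_edit(self, user, title):
        # Time of check: authorization is evaluated when the form is served.
        if title in self.locked:
            raise PermissionError("page is locked")
        self.edit_tokens.add((user, title))
        return self.pages[title]

    def lock_page(self, title):
        with self._mutex:
            self.locked.add(title)

    def submit_vulnerable(self, user, title, text):
        # Time of use: relies on the earlier check result, which may be stale.
        if (user, title) not in self.edit_tokens:
            raise PermissionError("no edit in progress")
        self.pages[title] = text

    def submit_checked(self, user, title, text):
        # Re-evaluate the condition and write under one mutex so that
        # lock_page() cannot run between the check and the use.
        with self._mutex:
            if title in self.locked:
                raise PermissionError("page was locked after editing began")
            self.pages[title] = text

def run_scenario(submit_name):
    """Replay the article's sequence: begin edit, admin locks, user submits."""
    wiki = Wiki()
    wiki.begin_edit("alice", "Home")      # check passes
    wiki.lock_page("Home")                # administrator locks the page
    try:
        getattr(wiki, submit_name)("alice", "Home", "late edit")
        accepted = True
    except PermissionError:
        accepted = False
    return accepted, wiki.pages["Home"]

if __name__ == "__main__":
    print(run_scenario("submit_vulnerable"))
    print(run_scenario("submit_checked"))
```
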