❑ Race condition attack : The attack that exploits the environment that multiple processes are trying to access the same resource.
❑ Example : Symbolic link
1. There is a program A that iteratively creates symbolic links connected to the important file.
2. There is a program B having SetUID permission that print the result value to the specific file.
3. If the name of the symbolic link is used in a program B, The program B can be influenced by the program A.
* In the above example image, if program A creates "result.txt" after the remove() function is executed and before the open() function is executed, the result of program B may overwrite the contents of the [important file].
※ The Linux kernel built after 2012.07 has the daemon that protects from the race condition attack using symbolic link.
* sysctl -w fs.protected_symlinks=0 : Turn off the protection.