Tag
file-system-security
Safeguard articles tagged "file-system-security" — guides, analysis, and best practices for software supply chain and application security.
2 articles
Industry Analysis
TOCTOU (Time-of-check to time-of-use)
TOCTOU flaws let attackers swap a file or resource after it's validated but before it's used, turning a safe check into an exploitable race.
Feb 28, 20267 min read
Software Supply Chain Security
Symlink Attacks in Package Managers: Following Links to Trouble
Symbolic links in package archives can redirect file operations to unintended locations. Here is how this old trick still works against modern tools.
Jan 8, 20234 min read