A TOCTOU (time-of-check, time-of-use) race condition is possible when two are more concurrent processes are operating on a shared file system [Seacord 2013]. Typically, the first access is a check to verify some attribute of the file, followed by a call to use the file. An attacker can alter the file between the two accesses, or replace the file with a symbolic or hard link to a different file. These TOCTOU conditions are frequently indicated can be exploited when a program performs two or more file operations on the same filename or pathname.
A program that performs a two or more file operation operations on a single filename or path twice creates a race window between the two file operations. This race window comes from the assumption that the filename or path refers to the same resource both times. If an attacker can modify the file, remove it, or replace it with a different file, then this assumption will not hold.
...