Date: Tue, 31 May 2011 07:02:49 +0000 (UTC) From: Pawel Jakub Dawidek <pjd@FreeBSD.org> To: cvs-src-old@freebsd.org Subject: cvs commit: src/sys/cddl/compat/opensolaris/kern opensolaris_vfs.c Message-ID: <201105310703.p4V73DcX038474@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
pjd 2011-05-31 07:02:49 UTC FreeBSD src repository Modified files: sys/cddl/compat/opensolaris/kern opensolaris_vfs.c Log: SVN rev 222518 on 2011-05-31 07:02:49Z by pjd Imagine situation where a security problem is found in setuid binary. User upgrades his system to fix the problem, but if he has any ZFS snapshots for the file system which contains problematic binary, any user can mount the snapshot and execute vulnerable binary. Prevent this from happening by always mounting snapshots with setuid turned off. MFC after: 2 weeks Revision Changes Path 1.19 +5 -0 src/sys/cddl/compat/opensolaris/kern/opensolaris_vfs.c
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201105310703.p4V73DcX038474>