From owner-cvs-src-old@FreeBSD.ORG  Tue May 31 07:03:13 2011
Return-Path: <owner-cvs-src-old@FreeBSD.ORG>
Delivered-To: cvs-src-old@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 36C02106566C
	for <cvs-src-old@freebsd.org>; Tue, 31 May 2011 07:03:13 +0000 (UTC)
	(envelope-from pjd@FreeBSD.org)
Received: from repoman.freebsd.org (repoman.freebsd.org
	[IPv6:2001:4f8:fff6::29])
	by mx1.freebsd.org (Postfix) with ESMTP id 254628FC17
	for <cvs-src-old@freebsd.org>; Tue, 31 May 2011 07:03:13 +0000 (UTC)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.14.4/8.14.4) with ESMTP id p4V73Dd1038475
	for <cvs-src-old@freebsd.org>; Tue, 31 May 2011 07:03:13 GMT
	(envelope-from pjd@repoman.freebsd.org)
Received: (from svn2cvs@localhost)
	by repoman.freebsd.org (8.14.4/8.14.4/Submit) id p4V73DcX038474
	for cvs-src-old@freebsd.org; Tue, 31 May 2011 07:03:13 GMT
	(envelope-from pjd@repoman.freebsd.org)
Message-Id: <201105310703.p4V73DcX038474@repoman.freebsd.org>
X-Authentication-Warning: repoman.freebsd.org: svn2cvs set sender to
	pjd@repoman.freebsd.org using -f
From: Pawel Jakub Dawidek <pjd@FreeBSD.org>
Date: Tue, 31 May 2011 07:02:49 +0000 (UTC)
To: cvs-src-old@freebsd.org
X-FreeBSD-CVS-Branch: HEAD
Subject: cvs commit: src/sys/cddl/compat/opensolaris/kern opensolaris_vfs.c
X-BeenThere: cvs-src-old@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: **OBSOLETE** CVS commit messages for the src tree
	<cvs-src-old.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-src-old>,
	<mailto:cvs-src-old-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-src-old>
List-Post: <mailto:cvs-src-old@freebsd.org>
List-Help: <mailto:cvs-src-old-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-src-old>,
	<mailto:cvs-src-old-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 31 May 2011 07:03:13 -0000

pjd         2011-05-31 07:02:49 UTC

  FreeBSD src repository

  Modified files:
    sys/cddl/compat/opensolaris/kern opensolaris_vfs.c 
  Log:
  SVN rev 222518 on 2011-05-31 07:02:49Z by pjd
  
  Imagine situation where a security problem is found in setuid binary.
  User upgrades his system to fix the problem, but if he has any ZFS snapshots
  for the file system which contains problematic binary, any user can mount the
  snapshot and execute vulnerable binary.
  
  Prevent this from happening by always mounting snapshots with setuid turned off.
  
  MFC after:      2 weeks
  
  Revision  Changes    Path
  1.19      +5 -0      src/sys/cddl/compat/opensolaris/kern/opensolaris_vfs.c