Date:      Tue, 10 Nov 2009 23:45:24 +0100
From:      Pawel Jakub Dawidek <pjd@FreeBSD.org>
To:        freebsd-current@FreeBSD.org
Cc:        freebsd-fs@FreeBSD.org
Subject:   HEADS UP: Important bug fix in ZFS replay code!
Message-ID:  <20091110224524.GC3194@garage.freebsd.pl>
In-Reply-To: <200911102227.nAAMRXTf073603@svn.freebsd.org>
References:  <200911102227.nAAMRXTf073603@svn.freebsd.org>

Hi.

There was an important bug in the ZFS replay code. If there were setattr logs
(not related to permission change) in the ZIL during an unclean shutdown, one
can end up with files that have mode set to 07777.

This is very dangerous, especially if you have untrusted local users, as
this will set the setuid bit on such files. Note that FreeBSD will remove
setuid bits when someone tries to modify the file, but it is still
dangerous.

You can locate such files with the following command:

	# find / -perm -7777 -print0 | xargs -0 ls -ld

You can locate and fix such files with the following command:

	# find / -perm -7777 -print0 | xargs -0 chmod a-s,o-w,-t

On Tue, Nov 10, 2009 at 10:27:33PM +0000, Pawel Jakub Dawidek wrote:
> Author: pjd
> Date: Tue Nov 10 22:27:33 2009
> New Revision: 199157
> URL: http://svn.freebsd.org/changeset/base/199157
>
> Log:
>   Be careful which vattr fields are set during setattr replay.
>   Without this fix strange things can appear after unclean shutdown like
>   files with mode set to 07777.
>
>   Reported by:	des
>   MFC after:	3 days
>
> Modified:
>   head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_replay.c
>
> Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_replay.c
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D
> --- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_replay.c	Tue =
Nov 10 22:25:46 2009	(r199156)
> +++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_replay.c	Tue =
Nov 10 22:27:33 2009	(r199157)
> @@ -60,10 +60,14 @@ zfs_init_vattr(vattr_t *vap, uint64_t ma
>  {
>  	VATTR_NULL(vap);
>  	vap->va_mask =3D (uint_t)mask;
> -	vap->va_type =3D IFTOVT(mode);
> -	vap->va_mode =3D mode & MODEMASK;
> -	vap->va_uid =3D (uid_t)(IS_EPHEMERAL(uid)) ? -1 : uid;
> -	vap->va_gid =3D (gid_t)(IS_EPHEMERAL(gid)) ? -1 : gid;
> +	if (mask & AT_TYPE)
> +		vap->va_type =3D IFTOVT(mode);
> +	if (mask & AT_MODE)
> +		vap->va_mode =3D mode & MODEMASK;
> +	if (mask & AT_UID)
> +		vap->va_uid =3D (uid_t)(IS_EPHEMERAL(uid)) ? -1 : uid;
> +	if (mask & AT_GID)
> +		vap->va_gid =3D (gid_t)(IS_EPHEMERAL(gid)) ? -1 : gid;
>  	vap->va_rdev =3D zfs_cmpldev(rdev);
>  	vap->va_nodeid =3D nodeid;
>  }
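
Review bot: va_rdev and va_nodeid at the bottom of zfs_init_vattr() are still assigned unconditionally, while the four fields above them now depend on their bit in mask. If a replayed setattr can pick up any non-null field, as the 07777 symptom in the log message suggests for va_mode, these two deserve either the same kind of guard or a one-line comment saying why they are safe to set regardless of mask. Separately, in the carried-over expression `(uid_t)(IS_EPHEMERAL(uid)) ? -1 : uid` and its gid twin, the cast binds to the IS_EPHEMERAL() result rather than to the whole conditional; `(uid_t)(IS_EPHEMERAL(uid) ? -1 : uid)` would say what is meant. A short comment above the new checks, noting that fields outside mask must keep their VATTR_NULL() values, would help keep a later edit from reintroducing the bug.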

--
Pawel Jakub Dawidek                       http://www.wheel.pl
pjd@FreeBSD.org                           http://www.FreeBSD.org
FreeBSD committer                         Am I Evil? Yes, I Am!
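
An added example, not part of the original message or of FreeBSD: POSIX sh functions for the locate-and-fix step above that stay on one filesystem, save an `ls -ld` record of each hit before changing it, and separately list regular files that are sticky and world-writable but no longer setuid. The function names, the report file and the second search are assumptions of this example; the second search builds on the message's note that the setuid bit is removed when a file is modified.

```shell
#!/bin/sh
# Added example (not from the original message): audit helpers for the
# mode-07777 symptom. Function names and report format are this example's own.

# Paths under $1, same filesystem only, with all twelve mode bits set.
# Same test as the message's `find / -perm -7777`.
replay_hits() {
    find "$1" -xdev -perm -7777 -print
}

# Assumption of this example: a hit that was written to afterwards has lost
# setuid but is still a sticky, world-writable regular file, so it no longer
# matches -perm -7777. List those separately for manual review.
replay_hits_written() {
    find "$1" -xdev -type f -perm -1777 ! -perm -4000 -print
}

# Record `ls -ld` for each hit in report file $2 (owner, group and mtime help
# judge whether a setuid file was abused), then apply the chmod from the
# message. Each record is written before that file's mode changes.
replay_fix() {
    : > "$2" || return 1
    find "$1" -xdev -perm -7777 -exec sh -c '
        report=$1; shift
        for f in "$@"; do
            ls -ld "$f" >> "$report" && chmod a-s,o-w,-t "$f"
        done' sh "$2" {} +
}
```

Run `replay_hits` and `replay_hits_written` per ZFS mount point first and review the output; the chmod leaves affected files at 0775, which is not necessarily the mode they had before the unclean shutdown.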
