FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mksnap_ffs clears file system options

Affected systems
5.2 <= FreeBSD < 5.2_1
5.1 <= FreeBSD < 5.1_12

Details

VuXML ID 7229d900-88af-11d8-90d1-0020ed76ef5a
Discovery 2004-01-30
Entry 2004-04-07
Modified 2004-05-05

The kernel interface for creating a snapshot of a filesystem is the same as that for changing the flags on that filesystem. Due to an oversight, the mksnap_ffs(8) command called that interface with only the snapshot flag set, causing all other flags to be reset to the default value.

A regularly scheduled backup of a live filesystem, or any other process that uses the mksnap_ffs command (for instance, to provide a rough undelete functionality on a file server), will clear any flags in effect on the filesystem being snapshotted. Possible consequences depend on local usage, but can include disabling extended access control lists or enabling the use of setuid executables stored on an untrusted filesystem.

The mksnap_ffs command is normally only available to the superuser and members of the "operator" group. There is therefore no risk of a user gaining elevated privileges directly through use of the mksnap_ffs command unless it has been intentionally made available to unprivileged users.
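
A check for the symptom described above, as an added example that is not part of the original advisory or of FreeBSD's own tooling: it compares the options configured in fstab(5) layout with the options currently in effect and lists watched options that have gone missing. The function names, the default watch list (nosuid,acls), the sample device names, and the assumption that the live options are captured in fstab(5) layout (for instance from `mount -p`) are illustrative assumptions.

```shell
#!/bin/sh
# Added example: report watched mount options that the fstab file requests but
# the live mount table no longer shows (the symptom of flags reset to defaults).
# Both inputs use fstab(5) columns: device mountpoint fstype options ...
# Usage: dropped_flags FSTAB_FILE MOUNTED_FILE [WATCHED_OPTIONS]
dropped_flags() {
    awk -v watch="${3:-nosuid,acls}" '
        BEGIN { nw = split(watch, w, ",") }
        /^[ \t]*#/ || NF < 4 { next }                  # skip comments, short lines
        FILENAME == ARGV[1] { want[$2] = $4; next }    # configured options
        { live[$2] = $4 }                              # options now in effect
        END {
            for (mp in want) {
                if (!(mp in live)) continue            # not mounted, skip
                for (i = 1; i <= nw; i++)
                    if (has(want[mp], w[i]) && !has(live[mp], w[i]))
                        print mp, w[i]
            }
        }
        # True when opt is one whole comma-separated element of list.
        function has(list, opt) { return index("," list ",", "," opt ",") > 0 }
    ' "$1" "$2" | sort
}

# Constructed sample data: /home has lost nosuid and acls, /tmp is intact.
demo() {
    d=$(mktemp -d) || return 1
    cat > "$d/fstab" <<'EOF'
# Device      Mountpoint  FStype  Options           Dump  Pass
/dev/ad0s1a   /           ufs     rw                1     1
/dev/ad0s1e   /tmp        ufs     rw,nosuid         2     2
/dev/ad0s1f   /home       ufs     rw,nosuid,acls    2     2
EOF
    cat > "$d/mounted" <<'EOF'
/dev/ad0s1a   /           ufs     rw                1     1
/dev/ad0s1e   /tmp        ufs     rw,nosuid         2     2
/dev/ad0s1f   /home       ufs     rw                2     2
EOF
    dropped_flags "$d/fstab" "$d/mounted"
    rm -rf "$d"
}
```

Calling `demo` lists one line per mount point and missing option; running the comparison before and after a scheduled snapshot job shows whether that job is what cleared the options.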

References

CVE Name CVE-2004-0099
FreeBSD Advisory SA-04:01.mksnap_ffs