-----BEGIN PGP SIGNED MESSAGE----- Index: kern/vfs_syscalls.c =================================================================== RCS file: /home/imp/FreeBSD/CVS/src/sys/kern/vfs_syscalls.c,v retrieving revision 1.112.2.3 retrieving revision 1.112.2.5 diff -u -r1.112.2.3 -r1.112.2.5 --- vfs_syscalls.c 1999/07/30 01:07:23 1.112.2.3 +++ vfs_syscalls.c 1999/08/11 21:39:50 1.112.2.5 @@ -1839,13 +1839,23 @@ int error; struct vattr vattr; + /* + * Prevent non-root users from setting flags on devices. When + * a device is reused, users can retain ownership of the device + * if they are allowed to set flags and programs assume that + * chown can't fail when done as root. + */ + if ((vp->v_type == VCHR || vp->v_type == VBLK) && + ((error = suser(p->p_ucred, &p->p_acflag)) != 0)) + return (error); + VOP_LEASE(vp, p, p->p_ucred, LEASE_WRITE); vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, p); VATTR_NULL(&vattr); vattr.va_flags = flags; error = VOP_SETATTR(vp, &vattr, p->p_ucred, p); VOP_UNLOCK(vp, 0, p); - return error; + return (error); } /* -----BEGIN PGP SIGNATURE----- Version: 2.6.3ia Charset: noconv Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface iQCVAwUBN9CA51UuHi5z0oilAQF7uwP/aM8a447S2D8lja8dBDiclXzK8Nm0cjiB YH7L/XFA+oz5gPKRZUz4pxbOR3JgHv1WGrvneKN4fUeJ/ODvUsvGri41MYVarmBZ QgFMT/6x3Mbk/BR7tIhTudTeCM5LBQl1giKBu3TwqJ3GjrKXIZiqk1y6dGPZ55RR kWBxVrgbCS8= =4Aap -----END PGP SIGNATURE-----