docs/80535: Contrary to handbook, filesystem snapshots do not have the schg flag.

Bernd Luevelsmeyer bernd at heitec.net
Mon May 2 12:00:28 UTC 2005


>Number:         80535
>Category:       docs
>Synopsis:       Contrary to handbook, filesystem snapshots do not have the schg flag.
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-doc
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          doc-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon May 02 12:00:23 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator:     Bernd Luevelsmeyer
>Release:        FreeBSD 5.4-STABLE i386
>Organization:
>Environment:
System: FreeBSD 5.4-STABLE

>Description:
The handbook tells:
"During initial creation, the schg flag (see the chflags(1) manual page)
is set to ensure that even root cannot write to the snapshot."

This is not true, the schg flag is not set. Since the schg flag is
a security-instrument, I consider this to be a "serious" bug.

>How-To-Repeat:
mksnap_ffs /usr /usr/snap
find /usr -flags schg | grep snap
    (the snapshot file is not output)

>Fix:
Delete the quotet sentence from the handbook.
>Release-Note:
>Audit-Trail:
>Unformatted:



More information about the freebsd-doc mailing list