Fleximus Blog

  

The ZFS Intent Log ("ZIL") is a mechanism that gathers write transactions together in memory and flushes them to disk when synchronous semantics are required. In the event of a crash or power failure, the log is examined and any uncommitted transactions are replayed to maintain the synchronous semantics.

Problem description

When replaying a setattr transaction, the replay code would set attributes that the logged transaction did not touch to certain insecure defaults.

Impact

A system crash or power failure would leave some files with their mode set to 07777. This could leak sensitive information or cause privilege escalation.
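
A simplified model of the flaw described above, added here as an illustration and not taken from the FreeBSD source or the advisory: a logged chown leaves the mode field untouched, and a replay that ignores which fields were set turns a 0600 file into 07777. The record layout, flag names, the all-ones placeholder and every function name are assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical flags: which attributes the logged setattr actually changed. */
#define ATTR_MODE 0x1u
#define ATTR_UID  0x2u
#define ATTR_GID  0x4u
#define UNSET     0xFFFFFFFFu  /* assumed placeholder for an untouched field */
#define PERM_BITS 07777u

struct file_attrs     { uint32_t mode, uid, gid; };
struct setattr_record { uint32_t mask, mode, uid, gid; };  /* simplified log entry */

/* Log a chown: only uid and gid are meaningful, mode holds the placeholder. */
static struct setattr_record log_chown(uint32_t uid, uint32_t gid) {
    struct setattr_record r = { ATTR_UID | ATTR_GID, UNSET, uid, gid };
    return r;
}

/* Flawed replay: applies every field and ignores the mask. */
static void replay_unmasked(struct file_attrs *f, const struct setattr_record *r) {
    f->mode = r->mode & PERM_BITS;  /* placeholder collapses to 07777 */
    f->uid = r->uid;
    f->gid = r->gid;
}

/* Corrected replay: applies only the fields the transaction touched. */
static void replay_masked(struct file_attrs *f, const struct setattr_record *r) {
    if (r->mask & ATTR_MODE) f->mode = r->mode & PERM_BITS;
    if (r->mask & ATTR_UID)  f->uid = r->uid;
    if (r->mask & ATTR_GID)  f->gid = r->gid;
}

/* Post-crash audit predicate: every permission bit set, special bits included. */
int looks_replay_damaged(uint32_t mode) { return (mode & PERM_BITS) == PERM_BITS; }

/* Replay a logged chown over a 0600 file and return the resulting mode. */
uint32_t mode_after_replay(int use_mask) {
    struct file_attrs f = { 0600, 0, 0 };       /* constructed sample file */
    struct setattr_record r = log_chown(1001, 1001);
    if (use_mask) replay_masked(&f, &r); else replay_unmasked(&f, &r);
    return f.mode;
}

int main(void) {
    printf("unmasked replay: %04o\n", (unsigned)mode_after_replay(0));
    printf("masked replay:   %04o\n", (unsigned)mode_after_replay(1));
    return 0;
}
```

The predicate `looks_replay_damaged` mirrors the audit a defender would run after an unclean shutdown: any file whose permission bits are all set is a candidate for review.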

Original advisory and solution

FreeBSD-SA-10:03.zfs
