DragonFlyBSD Kernel Audit
← dashboard
DF-0186

vacl_delete silently ignores user-supplied ACL type, always deletes ACL_TYPE_DEFAULT

Summary

vacl_delete accepts type param but :115 hardcodes VOP_SETACL(vp,ACL_TYPE_DEFAULT,0,ucred). type is dead. Caller requesting ACCESS ACL deletion gets DEFAULT deleted instead. Latent.