-----BEGIN PGP SIGNED MESSAGE-----

    Index: kern/vfs_syscalls.c
    ===================================================================
    RCS file: /home/imp/FreeBSD/CVS/src/sys/kern/vfs_syscalls.c,v
    retrieving revision 1.125
    retrieving revision 1.128
    diff -u -r1.125 -r1.128
    --- vfs_syscalls.c	1999/07/29 17:02:56	1.125
    +++ vfs_syscalls.c	1999/08/04 04:52:18	1.128
    @@ -1892,13 +1892,23 @@
	    int error;
	    struct vattr vattr;

    +	/*
    +	 * Prevent non-root users from setting flags on devices.  When
    +	 * a device is reused, users can retain ownership of the device
    +	 * if they are allowed to set flags and programs assume that
    +	 * chown can't fail when done as root.
    +	 */
    +	if ((vp->v_type == VCHR || vp->v_type == VBLK) && 
    +	    ((error = suser_xxx(p->p_ucred, p, PRISON_ROOT)) != 0))
    +		return (error);
    +
	    VOP_LEASE(vp, p, p->p_ucred, LEASE_WRITE);
	    vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, p);
	    VATTR_NULL(&vattr);
	    vattr.va_flags = flags;
	    error = VOP_SETATTR(vp, &vattr, p->p_ucred, p);
	    VOP_UNLOCK(vp, 0, p);
    -	return error;
    +	return (error);
     }

     /*

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv
Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface

iQCVAwUBN9CAx1UuHi5z0oilAQFZkAP8Db7LZ9tawzq0Wd4OGyftqouCtCvpK8LQ
5sECJ26B0ZJ3VV0mbQLT3zCBjS85kaNkvmasCGXkXIYuWuuq0QVWpFsJ3jTYnPSN
S3v0vJVe+o1gRxm/2kHab0qeSym+wjx31vCZT2+1f0QDmyuhK9m6eFqFEL1+PJy/
o/dTzc0drVI=
=HPmL
-----END PGP SIGNATURE-----