Vulnerability: Root User Bypasses Immutable and Append-Only Flags in BSD 4.4-based Operating Systems

Vulnerability: Root User Bypasses Immutable and Append-Only Flags in BSD 4.4-based Operating Systems

CVE-1999-1394 · LOW Severity

AV:L/AC:L/AU:N/C:N/I:P/A:N

BSD 4.4 based operating systems, when running at security level 1, allow the root user to clear the immutable and append-only flags for files by unmounting the file system and using a file system editor such as fsdb to directly modify the file through a device.

Learn more about our Cis Benchmark Audit For Operating Systems.