The kernel interface for creating a snapshot of a
filesystem is the same as that for changing the flags on
that filesystem. Due to an oversight, the mksnap_ffs(8)
command called that interface with only the snapshot flag
set, causing all other flags to be reset to the default
value.

A regularly scheduled backup of a live filesystem, or
any other process that uses the mksnap_ffs command
(for instance, to provide a rough undelete functionality
on a file server), will clear any flags in effect on the
filesystem being snapshotted. Possible consequences depend
on local usage, but can include disabling extended access
control lists or enabling the use of setuid executables
stored on an untrusted filesystem.

The mksnap_ffs command is normally only available to
the superuser and members of the `operator' group. There
is therefore no risk of a user gaining elevated privileges
directly through use of the mksnap_ffs command unless
it has been intentionally made available to unprivileged
users.
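
A check that a backup job could run around mksnap_ffs to notice the flag
reset described above, as an added example (not part of the advisory or of
FreeBSD's own code): it compares the option lists in `mount` output captured
before and after the snapshot. The sample listings, device names and function
names are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample `mount` listings (FreeBSD output format) captured before
# and after a snapshot run; device and mount point names are made up.
# Live use (assumption): BEFORE=$(mount -t ufs), run the backup, AFTER=$(mount -t ufs).
BEFORE='/dev/ad0s1a on / (ufs, local)
/dev/ad0s1e on /export (ufs, local, nosuid, acls)'
AFTER='/dev/ad0s1a on / (ufs, local)
/dev/ad0s1e on /export (ufs, local)'

# mount_opts LISTING MOUNTPOINT: print that mount point's options, one per line.
mount_opts() {
    printf '%s\n' "$1" | awk -v mp="$2" '
        $2 == "on" && $3 == mp {
            sub(/^[^(]*\(/, ""); sub(/\).*$/, "")
            n = split($0, opt, /, */)
            for (i = 1; i <= n; i++) print opt[i]
        }' | sort
}

# lost_flags BEFORE AFTER MOUNTPOINT: print options present before but gone after.
lost_flags() {
    before=$(mount_opts "$1" "$3")
    after=$(mount_opts "$2" "$3")
    printf '%s\n' "$before" | while IFS= read -r opt; do
        [ -n "$opt" ] || continue
        printf '%s\n' "$after" | grep -Fxq -- "$opt" || printf '%s\n' "$opt"
    done
}

# check_all BEFORE AFTER: warn for each mount point that lost options;
# returns 1 if any did, 0 otherwise.
check_all() {
    rc=0
    for mp in $(printf '%s\n' "$1" | awk '$2 == "on" { print $3 }'); do
        lost=$(lost_flags "$1" "$2" "$mp" | tr '\n' ' ')
        if [ -n "$lost" ]; then
            echo "WARNING: $mp lost mount options: $lost"
            rc=1
        fi
    done
    return $rc
}

check_all "$BEFORE" "$AFTER" || true
```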