Previously it was possible to smuggle in addional files that would be used by later portsnap runs. Now we only move those files expected to be in the snapshot into files/ and require that there are no unexpected files.
portsnap attacks 2, 3, and 4 from "non-cryptanalytic attacks against FreeBSD update components" anonymous gist.