| #
75422 |
|
11-Apr-2001 |
rwatson |
o First pass at an inter-process authorization regression testing suite.
This test utility attempts to evaluate the current kernel policy
for authorization inter-process activities, currently ptrace(),
kill(, SIGHUP), getpriority(), and setpriority(). The utility creates
pairs of processes, initializes their credential sets to useful
cases, and reports on whether the results are in keeping with hard-coded
safety expectations.
o Currently, this utility relies on the availability of __setugid(),
an uncomitted system call used for managing the P_SUGID bit. Due to
continuing discussion of optional regression testing kernel components
("options REGRESSION") I'll hold off on committing that until the
discussion has reached its natural termination.
o A number of additional testing factors should be taken into account
in the testing, including tests for different classes of signals,
interactions with process session characteristics, I/O signalling,
broadcast activities such as broadcast signalling, mass priority
setting, and to take into group-related aspects of credentials.
Additional operations should also be taken into account, such as ktrace,
debugging attach using procfs, and so on.
o This testing suite is intended to prevent the introduction of bugs
in the upcoming sets of authorization changes associated with the
introduction of process capabilities and mandatory access control.
Obtained from: TrustedBSD Project
|