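/* $NetBSD: t_setuid.c,v 1.1 2011/07/07 06:57:54 jruoho Exp $ */

/*-
 * Copyright (c) 2011 The NetBSD Foundation, Inc.
 * All rights reserved.
 *
 * This code is derived from software contributed to The NetBSD Foundation
 * by Jukka Ruohonen.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 */
#include <sys/cdefs.h>
__RCSID("$NetBSD: t_setuid.c,v 1.1 2011/07/07 06:57:54 jruoho Exp $");

#include <sys/wait.h>

#include <atf-c.h>
#include <errno.h>
#include <pwd.h>
#include <stdlib.h>
#include <unistd.h>

/*
 * setuid_perm: a process without privileges must not be able to become
 * root.  The "require.user" metadata asks the ATF runner to execute this
 * case only as an unprivileged user.
 */
ATF_TC(setuid_perm);
ATF_TC_HEAD(setuid_perm, tc)
{
	atf_tc_set_md_var(tc, "descr", "Test setuid(0) as normal user");
	atf_tc_set_md_var(tc, "require.user", "unprivileged");
}

ATF_TC_BODY(setuid_perm, tc)
{
	/* Clear errno so that the EPERM check below reflects this call only. */
	errno = 0;

	ATF_REQUIRE(setuid(0) == -1);
	ATF_REQUIRE(errno == EPERM);
}

/*
 * setuid_real: setting the UID to the caller's own real UID must succeed
 * and must leave both the real and the effective UID at that value.
 */
ATF_TC(setuid_real);
ATF_TC_HEAD(setuid_real, tc)
{
	atf_tc_set_md_var(tc, "descr", "Test setuid(2) with real UID");
}

ATF_TC_BODY(setuid_real, tc)
{
	uid_t uid = getuid();

	ATF_REQUIRE(setuid(uid) == 0);

	ATF_REQUIRE(getuid() == uid);
	ATF_REQUIRE(geteuid() == uid);
}

/*
 * setuid_root: running as root, switch to the UID of every entry in the
 * password database.  Each switch happens in a forked child because the
 * parent must keep its privileges for the next iteration.
 */
ATF_TC(setuid_root);
ATF_TC_HEAD(setuid_root, tc)
{
	atf_tc_set_md_var(tc, "descr", "A basic test of setuid(2)");
	atf_tc_set_md_var(tc, "require.user", "root");
}

ATF_TC_BODY(setuid_root, tc)
{
	struct passwd *pw;
	pid_t pid;
	int sta;

	/* Start the enumeration from the first entry of the database. */
	setpwent();

	while ((pw = getpwent()) != NULL) {

		pid = fork();
		ATF_REQUIRE(pid >= 0);

		if (pid == 0) {
			/*
			 * Child: report the outcome through the exit status
			 * only, so that nothing inherited from the parent's
			 * test harness runs in this process.
			 */
			if (setuid(pw->pw_uid) != 0)
				_exit(EXIT_FAILURE);

			/*
			 * A privilege drop that changes the real UID but
			 * leaves the effective UID untouched would keep the
			 * child privileged, so both are verified (as in
			 * setuid_real).
			 * NOTE(review): the saved set-user-ID is not
			 * examined by this test.
			 */
			if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid)
				_exit(EXIT_FAILURE);

			_exit(EXIT_SUCCESS);
		}

		/*
		 * Reap exactly this child and insist that the call worked:
		 * an ignored wait failure would leave `sta' indeterminate
		 * and the status macros below would read garbage.
		 */
		ATF_REQUIRE(waitpid(pid, &sta, 0) == pid);

		if (WIFEXITED(sta) == 0 || WEXITSTATUS(sta) != EXIT_SUCCESS)
			atf_tc_fail("failed to change UID to %u",
			    (unsigned int)pw->pw_uid);
	}

	/* Release the password database once the enumeration completes. */
	endpwent();
}

/* Register the test cases with the ATF test program. */
ATF_TP_ADD_TCS(tp)
{

	ATF_TP_ADD_TC(tp, setuid_perm);
	ATF_TP_ADD_TC(tp, setuid_real);
	ATF_TP_ADD_TC(tp, setuid_root);

	return atf_no_error();
}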