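/* $NetBSD: t_issetugid.c,v 1.1 2011/07/07 06:57:53 jruoho Exp $ */

/*-
 * Copyright (c) 2011 The NetBSD Foundation, Inc.
 * All rights reserved.
 *
 * This code is derived from software contributed to The NetBSD Foundation
 * by Jukka Ruohonen.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 */
#include <sys/cdefs.h>
__RCSID("$NetBSD: t_issetugid.c,v 1.1 2011/07/07 06:57:53 jruoho Exp $");

#include <sys/wait.h>

#include <atf-c.h>
#include <errno.h>
#include <pwd.h>
#include <stdlib.h>
#include <unistd.h>

static bool	check(int (*fuid)(uid_t), int (*fgid)(gid_t));

/*
 * Fork a child, switch it to the IDs of the "nobody" account with the
 * supplied setter(s), and verify that issetugid() reports 1 afterwards.
 *
 * fuid: UID setter called with nobody's pw_uid, or NULL to leave the
 *       UID untouched.
 * fgid: GID setter called with nobody's pw_gid, or NULL to leave the
 *       GID untouched.
 *
 * Returns true only when the child exited normally with EXIT_SUCCESS.
 * Returns false when the "nobody" lookup, fork(), or waitpid() fails,
 * when a setter fails, or when issetugid() did not return 1.
 *
 * The credential change is made in the child only, so the calling test
 * process keeps the credentials it started with.
 *
 * NOTE(review): the UID setter runs before the GID setter.  Every caller
 * in this file passes exactly one of the two, so the order is harmless
 * here; a caller passing both would presumably want the GID changed
 * first, while the process can still do so -- confirm before reuse.
 */
static bool
check(int (*fuid)(uid_t), int (*fgid)(gid_t))
{
	struct passwd *pw;
	pid_t pid, rv;
	int sta = 0;

	pw = getpwnam("nobody");

	if (pw == NULL)
		return false;

	pid = fork();

	if (pid < 0)
		return false;

	if (pid == 0) {
		/*
		 * Child: leave with _exit() so that no exit handlers or
		 * stdio buffers inherited from the parent are run here.
		 */
		if (fuid != NULL && (*fuid)(pw->pw_uid) != 0)
			_exit(EXIT_FAILURE);

		if (fgid != NULL && (*fgid)(pw->pw_gid) != 0)
			_exit(EXIT_FAILURE);

		/* The property under test: the ID change must be visible. */
		if (issetugid() != 1)
			_exit(EXIT_FAILURE);

		_exit(EXIT_SUCCESS);
	}

	/*
	 * Reap exactly the child forked above and retry when interrupted
	 * by a signal.  A failed wait must not fall through to the status
	 * macros, which would then inspect a status that was never written.
	 */
	do {
		rv = waitpid(pid, &sta, 0);
	} while (rv == -1 && errno == EINTR);

	if (rv != pid)
		return false;

	if (!WIFEXITED(sta) || WEXITSTATUS(sta) != EXIT_SUCCESS)
		return false;

	return true;
}

/*
 * Each test case below declares "require.user" = "root"; the child
 * switches to another account's IDs, which presumably needs privilege.
 */

/* issetugid(2) after changing the effective GID with setegid(). */
ATF_TC(issetugid_egid);
ATF_TC_HEAD(issetugid_egid, tc)
{
	atf_tc_set_md_var(tc, "descr", "A test of issetugid(2), eff. GID");
	atf_tc_set_md_var(tc, "require.user", "root");
}

ATF_TC_BODY(issetugid_egid, tc)
{

	if (!check(NULL, setegid))
		atf_tc_fail("issetugid(2) failed with effective GID");
}

/* issetugid(2) after changing the effective UID with seteuid(). */
ATF_TC(issetugid_euid);
ATF_TC_HEAD(issetugid_euid, tc)
{
	atf_tc_set_md_var(tc, "descr", "A test of issetugid(2), eff. UID");
	atf_tc_set_md_var(tc, "require.user", "root");
}

ATF_TC_BODY(issetugid_euid, tc)
{

	if (!check(seteuid, NULL))
		atf_tc_fail("issetugid(2) failed with effective UID");
}

/* issetugid(2) after changing the GID with setgid(). */
ATF_TC(issetugid_rgid);
ATF_TC_HEAD(issetugid_rgid, tc)
{
	atf_tc_set_md_var(tc, "descr", "A test of issetugid(2), real GID");
	atf_tc_set_md_var(tc, "require.user", "root");
}

ATF_TC_BODY(issetugid_rgid, tc)
{

	if (!check(NULL, setgid))
		atf_tc_fail("issetugid(2) failed with real GID");
}

/* issetugid(2) after changing the UID with setuid(). */
ATF_TC(issetugid_ruid);
ATF_TC_HEAD(issetugid_ruid, tc)
{
	atf_tc_set_md_var(tc, "descr", "A test of issetugid(2), real UID");
	atf_tc_set_md_var(tc, "require.user", "root");
}

ATF_TC_BODY(issetugid_ruid, tc)
{

	if (!check(setuid, NULL))
		atf_tc_fail("issetugid(2) failed with real UID");
}

/* Register the four test cases with the ATF test program. */
ATF_TP_ADD_TCS(tp)
{

	ATF_TP_ADD_TC(tp, issetugid_egid);
	ATF_TP_ADD_TC(tp, issetugid_euid);
	ATF_TP_ADD_TC(tp, issetugid_rgid);
	ATF_TP_ADD_TC(tp, issetugid_ruid);

	return atf_no_error();
}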