1 /* $OpenBSD: t_setuid.c,v 1.2 2021/12/13 16:56:48 deraadt Exp $ */
2 /* $NetBSD: t_setuid.c,v 1.1 2011/07/07 06:57:54 jruoho Exp $ */
3
4 /*-
5 * Copyright (c) 2011 The NetBSD Foundation, Inc.
6 * All rights reserved.
7 *
8 * This code is derived from software contributed to The NetBSD Foundation
9 * by Jukka Ruohonen.
10 *
11 * Redistribution and use in source and binary forms, with or without
12 * modification, are permitted provided that the following conditions
13 * are met:
14 * 1. Redistributions of source code must retain the above copyright
15 * notice, this list of conditions and the following disclaimer.
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in the
18 * documentation and/or other materials provided with the distribution.
19 *
20 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
21 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
22 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
23 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
24 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
25 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30 * POSSIBILITY OF SUCH DAMAGE.
31 */
32
33 #include "macros.h"
34
35 #include <sys/wait.h>
36
37 #include "atf-c.h"
38 #include <errno.h>
39 #include <pwd.h>
40 #include <stdlib.h>
41 #include <unistd.h>
42
43 ATF_TC(setuid_perm);
ATF_TC_HEAD(setuid_perm,tc)44 ATF_TC_HEAD(setuid_perm, tc)
45 {
46 atf_tc_set_md_var(tc, "descr", "Test setuid(0) as normal user");
47 atf_tc_set_md_var(tc, "require.user", "unprivileged");
48 }
49
ATF_TC_BODY(setuid_perm,tc)50 ATF_TC_BODY(setuid_perm, tc)
51 {
52 errno = 0;
53
54 ATF_REQUIRE(setuid(0) == -1);
55 ATF_REQUIRE(errno == EPERM);
56 }
57
58 ATF_TC(setuid_real);
ATF_TC_HEAD(setuid_real,tc)59 ATF_TC_HEAD(setuid_real, tc)
60 {
61 atf_tc_set_md_var(tc, "descr", "Test setuid(2) with real UID");
62 }
63
ATF_TC_BODY(setuid_real,tc)64 ATF_TC_BODY(setuid_real, tc)
65 {
66 uid_t uid = getuid();
67
68 ATF_REQUIRE(setuid(uid) == 0);
69
70 ATF_REQUIRE(getuid() == uid);
71 ATF_REQUIRE(geteuid() == uid);
72 }
73
74 ATF_TC(setuid_root);
ATF_TC_HEAD(setuid_root,tc)75 ATF_TC_HEAD(setuid_root, tc)
76 {
77 atf_tc_set_md_var(tc, "descr", "A basic test of setuid(2)");
78 atf_tc_set_md_var(tc, "require.user", "root");
79 }
80
ATF_TC_BODY(setuid_root,tc)81 ATF_TC_BODY(setuid_root, tc)
82 {
83 struct passwd *pw;
84 int rv, sta;
85 pid_t pid;
86 uid_t uid;
87
88 while ((pw = getpwent()) != NULL) {
89
90 pid = fork();
91 ATF_REQUIRE(pid >= 0);
92
93 if (pid == 0) {
94
95 rv = setuid(pw->pw_uid);
96
97 if (rv != 0)
98 _exit(EXIT_FAILURE);
99
100 uid = getuid();
101
102 if (uid != pw->pw_uid)
103 _exit(EXIT_FAILURE);
104
105 _exit(EXIT_SUCCESS);
106 }
107
108 (void)wait(&sta);
109
110 if (WIFEXITED(sta) == 0 || WEXITSTATUS(sta) != EXIT_SUCCESS)
111 atf_tc_fail("failed to change UID to %u", pw->pw_uid);
112 }
113 }
114
ATF_TP_ADD_TCS(tp)115 ATF_TP_ADD_TCS(tp)
116 {
117
118 ATF_TP_ADD_TC(tp, setuid_perm);
119 ATF_TP_ADD_TC(tp, setuid_real);
120 ATF_TP_ADD_TC(tp, setuid_root);
121
122 return atf_no_error();
123 }
124