1*49a6e16fSderaadt /* $OpenBSD: t_setuid.c,v 1.2 2021/12/13 16:56:48 deraadt Exp $ */
2a545a52cSbluhm /* $NetBSD: t_setuid.c,v 1.1 2011/07/07 06:57:54 jruoho Exp $ */
3a545a52cSbluhm
4a545a52cSbluhm /*-
5a545a52cSbluhm * Copyright (c) 2011 The NetBSD Foundation, Inc.
6a545a52cSbluhm * All rights reserved.
7a545a52cSbluhm *
8a545a52cSbluhm * This code is derived from software contributed to The NetBSD Foundation
9a545a52cSbluhm * by Jukka Ruohonen.
10a545a52cSbluhm *
11a545a52cSbluhm * Redistribution and use in source and binary forms, with or without
12a545a52cSbluhm * modification, are permitted provided that the following conditions
13a545a52cSbluhm * are met:
14a545a52cSbluhm * 1. Redistributions of source code must retain the above copyright
15a545a52cSbluhm * notice, this list of conditions and the following disclaimer.
16a545a52cSbluhm * 2. Redistributions in binary form must reproduce the above copyright
17a545a52cSbluhm * notice, this list of conditions and the following disclaimer in the
18a545a52cSbluhm * documentation and/or other materials provided with the distribution.
19a545a52cSbluhm *
20a545a52cSbluhm * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
21a545a52cSbluhm * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
22a545a52cSbluhm * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
23a545a52cSbluhm * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
24a545a52cSbluhm * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
25a545a52cSbluhm * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26a545a52cSbluhm * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27a545a52cSbluhm * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28a545a52cSbluhm * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29a545a52cSbluhm * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30a545a52cSbluhm * POSSIBILITY OF SUCH DAMAGE.
31a545a52cSbluhm */
32a545a52cSbluhm
33a545a52cSbluhm #include "macros.h"
34a545a52cSbluhm
35a545a52cSbluhm #include <sys/wait.h>
36a545a52cSbluhm
37a545a52cSbluhm #include "atf-c.h"
38a545a52cSbluhm #include <errno.h>
39a545a52cSbluhm #include <pwd.h>
40a545a52cSbluhm #include <stdlib.h>
41a545a52cSbluhm #include <unistd.h>
42a545a52cSbluhm
43a545a52cSbluhm ATF_TC(setuid_perm);
ATF_TC_HEAD(setuid_perm,tc)44a545a52cSbluhm ATF_TC_HEAD(setuid_perm, tc)
45a545a52cSbluhm {
46a545a52cSbluhm atf_tc_set_md_var(tc, "descr", "Test setuid(0) as normal user");
47a545a52cSbluhm atf_tc_set_md_var(tc, "require.user", "unprivileged");
48a545a52cSbluhm }
49a545a52cSbluhm
ATF_TC_BODY(setuid_perm,tc)50a545a52cSbluhm ATF_TC_BODY(setuid_perm, tc)
51a545a52cSbluhm {
52a545a52cSbluhm errno = 0;
53a545a52cSbluhm
54a545a52cSbluhm ATF_REQUIRE(setuid(0) == -1);
55a545a52cSbluhm ATF_REQUIRE(errno == EPERM);
56a545a52cSbluhm }
57a545a52cSbluhm
58a545a52cSbluhm ATF_TC(setuid_real);
ATF_TC_HEAD(setuid_real,tc)59a545a52cSbluhm ATF_TC_HEAD(setuid_real, tc)
60a545a52cSbluhm {
61a545a52cSbluhm atf_tc_set_md_var(tc, "descr", "Test setuid(2) with real UID");
62a545a52cSbluhm }
63a545a52cSbluhm
ATF_TC_BODY(setuid_real,tc)64a545a52cSbluhm ATF_TC_BODY(setuid_real, tc)
65a545a52cSbluhm {
66a545a52cSbluhm uid_t uid = getuid();
67a545a52cSbluhm
68a545a52cSbluhm ATF_REQUIRE(setuid(uid) == 0);
69a545a52cSbluhm
70a545a52cSbluhm ATF_REQUIRE(getuid() == uid);
71a545a52cSbluhm ATF_REQUIRE(geteuid() == uid);
72a545a52cSbluhm }
73a545a52cSbluhm
74a545a52cSbluhm ATF_TC(setuid_root);
ATF_TC_HEAD(setuid_root,tc)75a545a52cSbluhm ATF_TC_HEAD(setuid_root, tc)
76a545a52cSbluhm {
77a545a52cSbluhm atf_tc_set_md_var(tc, "descr", "A basic test of setuid(2)");
78a545a52cSbluhm atf_tc_set_md_var(tc, "require.user", "root");
79a545a52cSbluhm }
80a545a52cSbluhm
ATF_TC_BODY(setuid_root,tc)81a545a52cSbluhm ATF_TC_BODY(setuid_root, tc)
82a545a52cSbluhm {
83a545a52cSbluhm struct passwd *pw;
84a545a52cSbluhm int rv, sta;
85a545a52cSbluhm pid_t pid;
86a545a52cSbluhm uid_t uid;
87a545a52cSbluhm
88a545a52cSbluhm while ((pw = getpwent()) != NULL) {
89a545a52cSbluhm
90a545a52cSbluhm pid = fork();
91a545a52cSbluhm ATF_REQUIRE(pid >= 0);
92a545a52cSbluhm
93a545a52cSbluhm if (pid == 0) {
94a545a52cSbluhm
95a545a52cSbluhm rv = setuid(pw->pw_uid);
96a545a52cSbluhm
97a545a52cSbluhm if (rv != 0)
98a545a52cSbluhm _exit(EXIT_FAILURE);
99a545a52cSbluhm
100a545a52cSbluhm uid = getuid();
101a545a52cSbluhm
102a545a52cSbluhm if (uid != pw->pw_uid)
103a545a52cSbluhm _exit(EXIT_FAILURE);
104a545a52cSbluhm
105a545a52cSbluhm _exit(EXIT_SUCCESS);
106a545a52cSbluhm }
107a545a52cSbluhm
108a545a52cSbluhm (void)wait(&sta);
109a545a52cSbluhm
110a545a52cSbluhm if (WIFEXITED(sta) == 0 || WEXITSTATUS(sta) != EXIT_SUCCESS)
111a545a52cSbluhm atf_tc_fail("failed to change UID to %u", pw->pw_uid);
112a545a52cSbluhm }
113a545a52cSbluhm }
114a545a52cSbluhm
ATF_TP_ADD_TCS(tp)115a545a52cSbluhm ATF_TP_ADD_TCS(tp)
116a545a52cSbluhm {
117a545a52cSbluhm
118a545a52cSbluhm ATF_TP_ADD_TC(tp, setuid_perm);
119a545a52cSbluhm ATF_TP_ADD_TC(tp, setuid_real);
120a545a52cSbluhm ATF_TP_ADD_TC(tp, setuid_root);
121a545a52cSbluhm
122a545a52cSbluhm return atf_no_error();
123a545a52cSbluhm }
124