/* $OpenBSD: setresuid.c,v 1.3 2021/12/15 18:42:38 anton Exp $ */ /* * Written by Bret Stephen Lambert 2014 * Public Domain. */ #include #include #include #include #include #include #include #include #include #include #include "setuid_regress.h" int main(int argc, const char *argv[]) { struct kinfo_proc kproc; struct passwd *pw; uid_t uid; if ((pw = getpwnam(_SETUID_REGRESS_USER)) == NULL) err(1, "unknown user \"%s\"", _SETUID_REGRESS_USER); uid = getuid(); if (setresuid(pw->pw_uid, -1, -1) == -1) err(1, "setuid 0"); checkuids(pw->pw_uid, uid, uid, "0"); /* should only respond to setuid upon exec */ if (issetugid()) errx(1, "process incorrectly marked as issetugid()"); if (read_kproc_pid(&kproc, getpid()) == -1) err(1, "kproc read failed"); if (!(kproc.p_psflags & PS_SUGID)) errx(1, "PS_SUGID not set"); if (kproc.p_psflags & PS_SUGIDEXEC) errx(1, "PS_SUGIDEXEC incorrectly set"); /* we should be able to roll back our uids for now */ if (setresuid(uid, -1, -1) == -1) err(1, "setuid 1"); checkuids(uid, uid, uid, "1"); if (setresuid(-1, pw->pw_uid, -1) == -1) err(1, "setuid 2"); checkuids(uid, pw->pw_uid, uid, "2"); /* we should be able to roll back our uids for now */ if (setresuid(-1, uid, -1) == -1) err(1, "setuid 3"); checkuids(uid, uid, uid, "3"); /* * after changing our saved uid, we should be able to change * our real and effective uids to that of our saved uid, * but not to anything else */ if (setresuid(-1, -1, pw->pw_uid) == -1) err(1, "setuid 4"); checkuids(uid, uid, pw->pw_uid, "4"); if (setresuid(pw->pw_uid, -1, -1) == -1) err(1, "setuid 5"); checkuids(pw->pw_uid, uid, pw->pw_uid, "5"); if (setresuid(-1, pw->pw_uid, -1) == -1) err(1, "setuid 6"); checkuids(pw->pw_uid, pw->pw_uid, pw->pw_uid, "6"); if (setresuid(uid, -1, -1) != -1) errx(1, "incorrectly capable of setting real uid"); checkuids(pw->pw_uid, pw->pw_uid, pw->pw_uid, "7"); if (setresuid(-1, uid, -1) != -1) errx(1, "incorrectly capable of setting effective uid"); checkuids(pw->pw_uid, pw->pw_uid, pw->pw_uid, "9"); if (setresuid(-1, -1, uid) != -1) errx(1, "incorrectly capable of setting saved uid"); checkuids(pw->pw_uid, pw->pw_uid, pw->pw_uid, "9"); /* sanity-check use of -1 as noop */ if (setresuid(-1, -1, -1) == -1) errx(1, "-1 not properly recognized as noop"); checkuids(pw->pw_uid, pw->pw_uid, pw->pw_uid, "9"); exit(0); }