/*
** This program checks to see if your version of setreuid works.
** Compile it, make it setuid root, and run it as yourself (NOT as
** root). If it won't compile or outputs any MAYDAY messages, don't
** define HASSETREUID in conf.h.
**
** Compilation is trivial -- just "cc t_setreuid.c". Make it setuid
** root, and then execute it as a non-root user.
*/
#include <sys/types.h>
#include <unistd.h>
#include <stdio.h>
#ifdef __hpux
#define setreuid(r, e) setresuid(r, e, -1)
#endif
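/* printuids() is defined after main(); declare it so the calls are type-checked. */
int printuids(char *str, int r, int e);

/*
**  MAIN -- check that setreuid() can swap uids and then swap them back.
**
**	Expects to be installed setuid root and started by a non-root
**	user (both are verified first).  Two identical round trips are
**	made, one with effective uid 1 and one with effective uid 2:
**
**		setreuid(0, N)		real = 0, effective = N
**		setreuid(-1, 0)		effective back to 0
**		setreuid(realuid, 0)	real back to the invoking user
**
**	Every failed call and every uid that differs from the expected
**	value is counted; any count above zero produces the "cannot use
**	setreuid" verdict.
**
**	What a passing run shows is a *reversible* change: the process
**	gets effective uid 0 back after running as uid N.  It says
**	nothing about giving up root permanently.
**
**	NOTE(review): the binary has no use once the verdict is printed;
**	remove it, or at least its setuid bit, after the run.
**
**	Returns:
**		0 -- every step behaved as expected.
**		1 -- setup error, or at least one step failed.
*/
int
main(void)
{
	int fail = 0;
	uid_t realuid = getuid();

	printuids("initial uids", (int) realuid, 0);

	/* the test is meaningless unless we start as real=user, effective=root */
	if (geteuid() != 0)
	{
		printf("SETUP ERROR: re-run setuid root\n");
		return 1;
	}
	if (getuid() == 0)
	{
		printf("SETUP ERROR: must be run by a non-root user\n");
		return 1;
	}

	/* first round trip: run with effective uid 1 */
	if (setreuid(0, 1) < 0)
	{
		fail++;
		printf("setreuid(0, 1) failure\n");
	}
	printuids("after setreuid(0, 1)", 0, 1);
	if (geteuid() != 1)
	{
		fail++;
		printf("MAYDAY! Wrong effective uid\n");
	}

	/* do activity here */

	/* -1 leaves the real uid alone; only the effective uid is restored */
	if (setreuid((uid_t) -1, 0) < 0)
	{
		fail++;
		printf("setreuid(-1, 0) failure\n");
	}
	printuids("after setreuid(-1, 0)", 0, 0);
	if (setreuid(realuid, 0) < 0)
	{
		fail++;
		/* uid_t need not be int; cast so the argument matches %d */
		printf("setreuid(%d, 0) failure\n", (int) realuid);
	}
	printuids("after setreuid(realuid, 0)", (int) realuid, 0);
	if (geteuid() != 0)
	{
		fail++;
		printf("MAYDAY! Wrong effective uid\n");
	}
	if (getuid() != realuid)
	{
		fail++;
		printf("MAYDAY! Wrong real uid\n");
	}
	printf("\n");

	/* second round trip: same sequence with effective uid 2 */
	if (setreuid(0, 2) < 0)
	{
		fail++;
		printf("setreuid(0, 2) failure\n");
	}
	printuids("after setreuid(0, 2)", 0, 2);
	if (geteuid() != 2)
	{
		fail++;
		printf("MAYDAY! Wrong effective uid\n");
	}

	/* do activity here */

	if (setreuid((uid_t) -1, 0) < 0)
	{
		fail++;
		printf("setreuid(-1, 0) failure\n");
	}
	printuids("after setreuid(-1, 0)", 0, 0);
	if (setreuid(realuid, 0) < 0)
	{
		fail++;
		printf("setreuid(%d, 0) failure\n", (int) realuid);
	}
	printuids("after setreuid(realuid, 0)", (int) realuid, 0);
	if (geteuid() != 0)
	{
		fail++;
		printf("MAYDAY! Wrong effective uid\n");
	}
	if (getuid() != realuid)
	{
		fail++;
		printf("MAYDAY! Wrong real uid\n");
	}

	if (fail)
	{
		printf("\nThis system cannot use setreuid\n");
		return 1;
	}
	printf("\nIt is safe to define HASSETREUID on this system\n");
	return 0;
}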
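/*
**  PRINTUIDS -- print the expected and the actual real/effective uids.
**
**	Parameters:
**		str -- label naming the step that was just performed.
**		r -- real uid the caller expects at this point.
**		e -- effective uid the caller expects at this point.
**
**	Returns:
**		0 always; callers ignore it.
**
**	Side Effects:
**		Writes one line to standard output.  The actual values come
**		from getuid() and geteuid() at the time of the call.
*/
int
printuids(char *str, int r, int e)
{
	/* uid_t need not be int; cast so every argument matches its %d */
	printf("%s (should be %d/%d): r/euid=%d/%d\n", str, r, e,
	       (int) getuid(), (int) geteuid());
	return 0;
}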