1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
|
/*
* Copyright (c) 2001 Sendmail, Inc. and its suppliers.
* All rights reserved.
*
* By using this file, you agree to the terms and conditions set
* forth in the LICENSE file which can be found at the top level of
* the sendmail distribution.
*
*/
/*
** This program checks to see if your version of setreuid works.
** Compile it, make it set-user-ID root, and run it as yourself (NOT as
** root). If it won't compile or outputs any MAYDAY messages, don't
** define HASSETREUID in conf.h.
**
** Compilation is trivial -- just "cc t_setreuid.c". Make it set-user-ID,
** root and then execute it as a non-root user.
*/
#include <sys/types.h>
#include <unistd.h>
#include <stdio.h>
#ifndef lint
static char id[] = "@(#)$Id: t_setreuid.c,v 8.9 2001/10/12 03:04:46 gshapiro Exp $";
#endif /* ! lint */
#ifdef __hpux
# define setreuid(r, e) setresuid(r, e, -1)
#endif /* __hpux */
static void
printuids(str, r, e)
char *str;
uid_t r, e;
{
printf("%s (should be %d/%d): r/euid=%d/%d\n", str, (int) r, (int) e,
(int) getuid(), (int) geteuid());
}
int
main(argc, argv)
int argc;
char **argv;
{
int fail = 0;
uid_t realuid = getuid();
printuids("initial uids", realuid, 0);
if (geteuid() != 0)
{
printf("SETUP ERROR: re-run set-user-ID root\n");
exit(1);
}
if (getuid() == 0)
{
printf("SETUP ERROR: must be run by a non-root user\n");
exit(1);
}
if (setreuid(0, 1) < 0)
{
fail++;
printf("setreuid(0, 1) failure\n");
}
printuids("after setreuid(0, 1)", 0, 1);
if (getuid() != 0)
{
fail++;
printf("MAYDAY! Wrong real uid\n");
}
if (geteuid() != 1)
{
fail++;
printf("MAYDAY! Wrong effective uid\n");
}
/* do activity here */
if (setreuid(-1, 0) < 0)
{
fail++;
printf("setreuid(-1, 0) failure\n");
}
printuids("after setreuid(-1, 0)", 0, 0);
if (setreuid(realuid, 0) < 0)
{
fail++;
printf("setreuid(%d, 0) failure\n", (int) realuid);
}
printuids("after setreuid(realuid, 0)", realuid, 0);
if (geteuid() != 0)
{
fail++;
printf("MAYDAY! Wrong effective uid\n");
}
if (getuid() != realuid)
{
fail++;
printf("MAYDAY! Wrong real uid\n");
}
printf("\n");
if (setreuid(0, 2) < 0)
{
fail++;
printf("setreuid(0, 2) failure\n");
}
printuids("after setreuid(0, 2)", 0, 2);
if (geteuid() != 2)
{
fail++;
printf("MAYDAY! Wrong effective uid\n");
}
if (getuid() != 0)
{
fail++;
printf("MAYDAY! Wrong real uid\n");
}
/* do activity here */
if (setreuid(-1, 0) < 0)
{
fail++;
printf("setreuid(-1, 0) failure\n");
}
printuids("after setreuid(-1, 0)", 0, 0);
if (setreuid(realuid, 0) < 0)
{
fail++;
printf("setreuid(%d, 0) failure\n", (int) realuid);
}
printuids("after setreuid(realuid, 0)", realuid, 0);
if (geteuid() != 0)
{
fail++;
printf("MAYDAY! Wrong effective uid\n");
}
if (getuid() != realuid)
{
fail++;
printf("MAYDAY! Wrong real uid\n");
}
if (fail)
{
printf("\nThis system cannot use setreuid\n");
exit(1);
}
printf("\nIt is safe to define HASSETREUID on this system\n");
exit(0);
}
|
