Date: Wed, 12 Mar 2008 06:51:41 GMT From: Zhouyi ZHOU <zhouzhouyi@FreeBSD.org> To: Perforce Change Reviews <perforce@FreeBSD.org> Subject: PERFORCE change 137469 for review Message-ID: <200803120651.m2C6pfjZ010101@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=137469 Change 137469 by zhouzhouyi@zhouzhouyi_mactest on 2008/03/12 06:51:30 Test cases for setuid and setgid for MAC Framework Affected files ... .. //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/mactest.c#16 edit .. //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/tests/open/00.t#8 edit Differences ... ==== //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/mactest.c#16 (text+ko) ==== @@ -660,6 +660,7 @@ } logfd = open(LOGDEV, O_RDWR); + ioctl(logfd, BEGINLOG, NULL); if (gids != NULL) { set_gids(gids); @@ -675,7 +676,6 @@ /*Begin to log */ - ioctl(logfd, BEGINLOG, NULL); for (;;) { scall = find_syscall(argv[0]); ==== //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/tests/open/00.t#8 (text+ko) ==== @@ -30,11 +30,11 @@ touch ${mactest_conf} setfmac "mls/equal,biba/equal" ${mactest_conf} - echo "1..7" + echo "1..8" n0=`namegen` n1=`namegen` - + n2=`namegen` dvplabel=`getfmac ".."| sed 's/\(\.\.:\ \)\([a-z\,\/]*\)/\2/`; @@ -119,6 +119,16 @@ echo "biba/high(low-high),mls/5(low-high) biba/high,mls/8" >> ${mactest_conf} mactestexpect "" 0 -m "mls/5" -f ${mactest_conf} chown . 65535 65535 +#case 8 setuid and setgid: + echo -n "pid = -1 proc_check_setegid:" > ${mactest_conf} + echo "biba/high(low-high),mls/5(low-high)" >> ${mactest_conf} + echo -n "pid = -1 proc_check_setuid:" >> ${mactest_conf} + echo "biba/high(low-high),mls/5(low-high)" >> ${mactest_conf} + echo -n "pid = -1 proc_check_setgroups:" >> ${mactest_conf} + echo "biba/high(low-high),mls/5(low-high)" >> ${mactest_conf} + mactestexpect "" 0 -u 65535 -g 65535 -m "mls/5" -f ${mactest_conf} mkdir ${n2} 0755 + + #cleanup: sysctl security.mac.mls.enabled=0 >/dev/null
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200803120651.m2C6pfjZ010101>