Details
Diff Detail
- Repository
- rS FreeBSD src repository - subversion
- Lint
Lint Passed - Unit
No Test Coverage - Build Status
Buildable 38542 Build 35431: arc lint + arc unit
Event Timeline
tests/sys/file/path_test.c | ||
---|---|---|
98 | Canonical way, AFAIU, is to not specify O_RDONLY. O_PATH is the access mode on its own. When requesting O_PATH | O_EXEC, we requesting two modes. On the other hand, O_RDONLY is zero so it is fine either way for testing the implementation. | |
233 | It would be most interesting to do something in reverse, namely, check that AT_EMPTY_PATH verifies access permissions when non-root user tries to e.g. linkat(AT_EMPTY_PATH) to file he does not own. In other words, check that AT_EMPTY_PATH does not create a security hole. But I have no idea how to do it with atf. |
tests/sys/file/path_test.c | ||
---|---|---|
233 | I tried to do this in the test above, with the geteuid() == 0 check. It is not ideal, nothing ensures that the test is ever run as a non-root user. |
Verify that capability mode namespace checks work on path fds.
Make sure that CAP_FEXECVE is checked on path fds.
tests/sys/file/path_test.c | ||
---|---|---|
233 | There is some mechanism in ATF triggered by atf_tc_set_md_var(tc, "require.user", "unprivileged");. See for instance contrib/netbsd-tests/lib/libc/sys/t_access.c access_access But I have no idea about details. |
tests/sys/file/path_test.c | ||
---|---|---|
233 | Thanks, I didn't know about it. Apparently it causes kyua to run the test without privileges if invoked as root. |