xref: /freebsd/contrib/sendmail/test/t_setuid.c (revision 2fb4f839f3fc72ce2bab12f9ba4760f97f73e97f) 
1 /*
2  * Copyright (c) 2001 Proofpoint, Inc. and its suppliers.
3  *	All rights reserved.
4  *
5  * By using this file, you agree to the terms and conditions set
6  * forth in the LICENSE file which can be found at the top level of
7  * the sendmail distribution.
8  *
9  */
10 
11 /*
12 **  This program checks to see if your version of setuid works.
13 **  Compile it, make it set-user-ID root, and run it as yourself (NOT as
14 **  root).
15 **
16 **	NOTE:  This should work everywhere, but Linux has the ability
17 **	to use the undocumented setcap() call to make this break.
18 **
19 **  Compilation is trivial -- just "cc t_setuid.c".  Make it set-user-ID,
20 **  root and then execute it as a non-root user.
21 */
22 
23 #include <sys/types.h>
24 #include <unistd.h>
25 #include <stdio.h>
26 #include <stdlib.h>
27 
28 #ifndef lint
29 static char id[] = "@(#)$Id: t_setuid.c,v 8.8 2013-11-22 20:52:01 ca Exp $";
30 #endif
31 
32 static void
printuids(str,r,e)33 printuids(str, r, e)
34 	char *str;
35 	uid_t r, e;
36 {
37 	printf("%s (should be %d/%d): r/euid=%d/%d\n", str, (int) r, (int) e,
38 	       (int) getuid(), (int) geteuid());
39 }
40 
41 int
main(argc,argv)42 main(argc, argv)
43 	int argc;
44 	char **argv;
45 {
46 	int fail = 0;
47 	uid_t realuid = getuid();
48 
49 	printuids("initial uids", realuid, 0);
50 
51 	if (geteuid() != 0)
52 	{
53 		printf("SETUP ERROR: re-run set-user-ID root\n");
54 		exit(1);
55 	}
56 
57 	if (getuid() == 0)
58 	{
59 		printf("SETUP ERROR: must be run by a non-root user\n");
60 		exit(1);
61 	}
62 
63 	if (setuid(1) < 0)
64 		printf("setuid(1) failure\n");
65 	printuids("after setuid(1)", 1, 1);
66 
67 	if (geteuid() != 1)
68 	{
69 		fail++;
70 		printf("MAYDAY!  Wrong effective uid\n");
71 	}
72 
73 	if (getuid() != 1)
74 	{
75 		fail++;
76 		printf("MAYDAY!  Wrong real uid\n");
77 	}
78 
79 
80 	/* do activity here */
81 	if (setuid(0) == 0)
82 	{
83 		fail++;
84 		printf("MAYDAY!  setuid(0) succeeded (should have failed)\n");
85 	}
86 	else
87 	{
88 		printf("setuid(0) failed (this is correct)\n");
89 	}
90 	printuids("after setuid(0)", 1, 1);
91 
92 	if (geteuid() != 1)
93 	{
94 		fail++;
95 		printf("MAYDAY!  Wrong effective uid\n");
96 	}
97 	if (getuid() != 1)
98 	{
99 		fail++;
100 		printf("MAYDAY!  Wrong real uid\n");
101 	}
102 	printf("\n");
103 
104 	if (fail)
105 	{
106 		printf("\nThis system cannot use setuid (maybe use setreuid)\n");
107 		exit(1);
108 	}
109 
110 	printf("\nIt is safe to use setuid on this system\n");
111 	exit(0);
112 }
113