1 /*
2 * Copyright (c) 2001 Proofpoint, Inc. and its suppliers.
3 * All rights reserved.
4 *
5 * By using this file, you agree to the terms and conditions set
6 * forth in the LICENSE file which can be found at the top level of
7 * the sendmail distribution.
8 *
9 */
10
11 /*
12 ** This program checks to see if your version of setgid works.
13 ** Compile it, make it set-group-ID guest, and run it as yourself (NOT as
14 ** root and not as member of the group guest).
15 **
16 ** Compilation is trivial -- just "cc t_setgid.c". Make it set-group-ID,
17 ** guest and then execute it as a non-root user.
18 */
19
20 #include <sys/types.h>
21 #include <unistd.h>
22 #include <stdio.h>
23 #include <stdlib.h>
24
25 #ifndef lint
26 static char id[] = "@(#)$Id: t_setgid.c,v 1.7 2013-11-22 20:52:01 ca Exp $";
27 #endif
28
29 static void
printgids(str,r,e)30 printgids(str, r, e)
31 char *str;
32 gid_t r, e;
33 {
34 printf("%s (should be %d/%d): r/egid=%d/%d\n", str, (int) r, (int) e,
35 (int) getgid(), (int) getegid());
36 }
37
38 int
main(argc,argv)39 main(argc, argv)
40 int argc;
41 char **argv;
42 {
43 int fail = 0;
44 int res;
45 gid_t realgid = getgid();
46 gid_t effgid = getegid();
47
48 printgids("initial gids", realgid, effgid);
49
50 if (effgid == realgid)
51 {
52 printf("SETUP ERROR: re-run set-group-ID guest\n");
53 exit(1);
54 }
55
56 #if SM_CONF_SETREGID
57 res = setregid(effgid, effgid);
58 #else
59 res = setgid(effgid);
60 #endif
61
62 printf("setgid(%d)=%d %s\n", (int) effgid, res,
63 res < 0 ? "failure" : "ok");
64 #if SM_CONF_SETREGID
65 printgids("after setregid()", effgid, effgid);
66 #else
67 printgids("after setgid()", effgid, effgid);
68 #endif
69
70 if (getegid() != effgid)
71 {
72 fail++;
73 printf("MAYDAY! Wrong effective gid\n");
74 }
75
76 if (getgid() != effgid)
77 {
78 fail++;
79 printf("MAYDAY! Wrong real gid\n");
80 }
81
82 /* do activity here */
83 if (setgid(0) == 0)
84 {
85 fail++;
86 printf("MAYDAY! setgid(0) succeeded (should have failed)\n");
87 }
88 else
89 {
90 printf("setgid(0) failed (this is correct)\n");
91 }
92 printgids("after setgid(0)", effgid, effgid);
93
94 if (getegid() != effgid)
95 {
96 fail++;
97 printf("MAYDAY! Wrong effective gid\n");
98 }
99 if (getgid() != effgid)
100 {
101 fail++;
102 printf("MAYDAY! Wrong real gid\n");
103 }
104 printf("\n");
105
106 if (fail > 0)
107 {
108 printf("\nThis system cannot use %s to set the real gid to the effective gid\nand clear the saved gid.\n",
109 #if SM_CONF_SETREGID
110 "setregid"
111 #else
112 "setgid"
113 #endif
114 );
115 exit(1);
116 }
117
118 printf("\nIt is possible to use setgid on this system\n");
119 exit(0);
120 }
121