1274f7445SRobert Watson$FreeBSD$ 2274f7445SRobert Watson 3274f7445SRobert Watson Inter-Process Authorization Test Suite 4274f7445SRobert Watson Robert Watson, TrustedBSD Project 5274f7445SRobert Watson 6274f7445SRobert WatsonThis test suite attempts to determine the behavior of inter-process 7274f7445SRobert Watsonauthorization policy present in the kernel. It analyzes a series of 8274f7445SRobert Watsonimportant scenarios using specifically crafted process credentials 9274f7445SRobert Watsonand a set of operations. It then reports on any divergence from the 10274f7445SRobert Watsonexpected results. 11274f7445SRobert Watson 12274f7445SRobert WatsonTest operations: 13274f7445SRobert Watson 14274f7445SRobert Watsonptrace cred1 attempts ptrace attach to cred2 15bacff58cSRobert Watsonsighup cred1 attempts SIGHUP of cred2 16bacff58cSRobert Watsonsigsegv cred1 attempts SIGSEGV of cred2 17274f7445SRobert Watsonsee cred1 attempts getpriority() on cred2 18274f7445SRobert Watsonsched cred1 attempts setpriority() on cred2 19274f7445SRobert Watson 20274f7445SRobert WatsonTest scenarioes: 21274f7445SRobert Watson 22274f7445SRobert Watsonpriv on priv root process on another root process 23274f7445SRobert Watsonpriv on unpriv1 root process on a non-root process 24274f7445SRobert Watsonunpriv1 on priv non-root process on a root process 25274f7445SRobert Watsonunpriv1 on unpriv1 non-root process on a similar non-root process 26274f7445SRobert Watsonunpriv1 on unpriv2 non-root process on a different non-root process 27274f7445SRobert Watsonunpriv1 on daemon1 non-root process on a root daemon process acting with 28274f7445SRobert Watson same non-root effective credentials 29274f7445SRobert Watsonunpriv1 on daemon2 non-root process on a root daemon process acting with 30274f7445SRobert Watson different non-root effective credentials 31274f7445SRobert Watsonunpriv1 on setuid1 non-root process on a setuid-root process with same 32274f7445SRobert Watson non-root real credentials 33274f7445SRobert Watsonunpriv1 on setuid2 non-root process on a setuid-root process with 34274f7445SRobert Watson different non-root real credentials 35274f7445SRobert Watson 36274f7445SRobert WatsonThe credential elements supported by the test suite are: 37274f7445SRobert Watson 38274f7445SRobert Watson effective uid 39274f7445SRobert Watson real uid 40274f7445SRobert Watson saved uid 41274f7445SRobert Watson P_SUGID flag 42274f7445SRobert Watson 43274f7445SRobert WatsonOther untested aspects of interest include groups, as well as session 44274f7445SRobert Watsonrelationship. Other test operations that might be of interest are SIGCONT, 45bacff58cSRobert Watsonand SIGIO. 46274f7445SRobert Watson 47274f7445SRobert WatsonThe current set of tests includes some tests where normally the P_SUGID 48274f7445SRobert Watsonflag is set, but isn't in the test. The result is that some tests fail 49274f7445SRobert Watsonthat may not reflect real-world software configurations. However, they 50274f7445SRobert Watsondo point to possible changes that could be made in the authorization system 51274f7445SRobert Watsonto improve resilience to failure or violation of invariants. 52274f7445SRobert Watson 53274f7445SRobert WatsonThese tests rely on __setugid(), a system call enabled using options 54274f7445SRobert WatsonREGRESSION. 55