1$FreeBSD$ 2 3 Inter-Process Authorization Test Suite 4 Robert Watson, TrustedBSD Project 5 6This test suite attempts to determine the behavior of inter-process 7authorization policy present in the kernel. It analyzes a series of 8important scenarios using specifically crafted process credentials 9and a set of operations. It then reports on any divergence from the 10expected results. 11 12Test operations: 13 14ptrace cred1 attempts ptrace attach to cred2 15sighup cred1 attempts SIGHUP of cred2 16sigsegv cred1 attempts SIGSEGV of cred2 17see cred1 attempts getpriority() on cred2 18sched cred1 attempts setpriority() on cred2 19 20Test scenarioes: 21 22priv on priv root process on another root process 23priv on unpriv1 root process on a non-root process 24unpriv1 on priv non-root process on a root process 25unpriv1 on unpriv1 non-root process on a similar non-root process 26unpriv1 on unpriv2 non-root process on a different non-root process 27unpriv1 on daemon1 non-root process on a root daemon process acting with 28 same non-root effective credentials 29unpriv1 on daemon2 non-root process on a root daemon process acting with 30 different non-root effective credentials 31unpriv1 on setuid1 non-root process on a setuid-root process with same 32 non-root real credentials 33unpriv1 on setuid2 non-root process on a setuid-root process with 34 different non-root real credentials 35 36The credential elements supported by the test suite are: 37 38 effective uid 39 real uid 40 saved uid 41 P_SUGID flag 42 43Other untested aspects of interest include groups, as well as session 44relationship. Other test operations that might be of interest are SIGCONT, 45and SIGIO. 46 47The current set of tests includes some tests where normally the P_SUGID 48flag is set, but isn't in the test. The result is that some tests fail 49that may not reflect real-world software configurations. However, they 50do point to possible changes that could be made in the authorization system 51to improve resilience to failure or violation of invariants. 52 53These tests rely on __setugid(), a system call enabled using options 54REGRESSION. 55