Commit Graph

8 Commits

Author SHA1 Message Date
Robert Watson
abc9a36083 o Fix two eaccess() checks -- in one case, the wrong test file
was used, resulting in a regression failure, and in the other,
  the test on an error return was inverted.

Obtained from: TrustedBSD Project
2001-09-21 21:28:43 +00:00
Robert Watson
884748cf55 o Regression test to check that appropriate parts of the process
credential are used in the access() and new eaccess() system calls.

Obtained from:	TrustedBSD Project
2001-09-20 20:03:58 +00:00
Robert Watson
361515d909 o Add a comment identifying the "privileged on privileged" scenario.
Obtained from:	TrustedBSD Project
2001-04-13 16:38:34 +00:00
Robert Watson
8f6fee753c o Add inter-process authorization uid regression testing for ktrace().
Obtained from:	TrustedBSD Project
2001-04-13 16:25:25 +00:00
Robert Watson
72919d5f6d o s/debug/ptrace/ since shortly there will be tests involving other
forms of debugging.

Obtained from:	TrustedBSD Project
2001-04-13 16:09:40 +00:00
Robert Watson
bacff58c0e o Expand inter-process authorization regression test to include
signalling with sigsegv as one of the tests.
o Teach errno_to_string() about ENOTSUPP.

Obtained from:  TrustedBSD Project
2001-04-12 17:46:20 +00:00
Robert Watson
3ceef0c3d7 o Enable -DSETSUGID_SUPPORTED in inter-process authorization regression
test by default, as setugid() is now part of the base kernel (assuming
  (options REGRESSION) has been enabled for the running kernel).

Obtained from: TrustedBSD Project
2001-04-11 20:23:23 +00:00
Robert Watson
274f7445fd o First pass at an inter-process authorization regression testing suite.
This test utility attempts to evaluate the current kernel policy
  for authorization inter-process activities, currently ptrace(),
  kill(, SIGHUP), getpriority(), and setpriority().  The utility creates
  pairs of processes, initializes their credential sets to useful
  cases, and reports on whether the results are in keeping with hard-coded
  safety expectations.

o Currently, this utility relies on the availability of __setugid(),
  an uncomitted system call used for managing the P_SUGID bit.  Due to
  continuing discussion of optional regression testing kernel components
  ("options REGRESSION") I'll hold off on committing that until the
  discussion has reached its natural termination.

o A number of additional testing factors should be taken into account
  in the testing, including tests for different classes of signals,
  interactions with process session characteristics, I/O signalling,
  broadcast activities such as broadcast signalling, mass priority
  setting, and to take into group-related aspects of credentials.
  Additional operations should also be taken into account, such as ktrace,
  debugging attach using procfs, and so on.

o This testing suite is intended to prevent the introduction of bugs
  in the upcoming sets of authorization changes associated with the
  introduction of process capabilities and mandatory access control.

Obtained from: TrustedBSD Project
2001-04-11 17:21:14 +00:00