Commit Graph

9 Commits

Author SHA1 Message Date
Ruslan Ermilov
e653b48c80 Start the dreaded NOFOO -> NO_FOO conversion.
OK'ed by:	core
2004-12-21 08:47:35 +00:00
Ruslan Ermilov
a35d88931c For variables that are only checked with defined(), don't provide
any fake value.
2004-10-24 15:33:08 +00:00
Robert Watson
9e7ebef8c3 gcc now objects to a default label without any contents. Because I want
to have a comment present in the default case, add a 'break' to each
default case that previously had no actual statements.
2004-07-17 17:01:25 +00:00
Robert Watson
361515d909 o Add a comment identifying the "privileged on privileged" scenario.
Obtained from:	TrustedBSD Project
2001-04-13 16:38:34 +00:00
Robert Watson
8f6fee753c o Add inter-process authorization uid regression testing for ktrace().
Obtained from:	TrustedBSD Project
2001-04-13 16:25:25 +00:00
Robert Watson
72919d5f6d o s/debug/ptrace/ since shortly there will be tests involving other
forms of debugging.

Obtained from:	TrustedBSD Project
2001-04-13 16:09:40 +00:00
Robert Watson
bacff58c0e o Expand inter-process authorization regression test to include
signalling with sigsegv as one of the tests.
o Teach errno_to_string() about ENOTSUPP.

Obtained from:  TrustedBSD Project
2001-04-12 17:46:20 +00:00
Robert Watson
3ceef0c3d7 o Enable -DSETSUGID_SUPPORTED in inter-process authorization regression
test by default, as setugid() is now part of the base kernel (assuming
  (options REGRESSION) has been enabled for the running kernel).

Obtained from: TrustedBSD Project
2001-04-11 20:23:23 +00:00
Robert Watson
274f7445fd o First pass at an inter-process authorization regression testing suite.
This test utility attempts to evaluate the current kernel policy
  for authorization inter-process activities, currently ptrace(),
  kill(, SIGHUP), getpriority(), and setpriority().  The utility creates
  pairs of processes, initializes their credential sets to useful
  cases, and reports on whether the results are in keeping with hard-coded
  safety expectations.

o Currently, this utility relies on the availability of __setugid(),
  an uncomitted system call used for managing the P_SUGID bit.  Due to
  continuing discussion of optional regression testing kernel components
  ("options REGRESSION") I'll hold off on committing that until the
  discussion has reached its natural termination.

o A number of additional testing factors should be taken into account
  in the testing, including tests for different classes of signals,
  interactions with process session characteristics, I/O signalling,
  broadcast activities such as broadcast signalling, mass priority
  setting, and to take into group-related aspects of credentials.
  Additional operations should also be taken into account, such as ktrace,
  debugging attach using procfs, and so on.

o This testing suite is intended to prevent the introduction of bugs
  in the upcoming sets of authorization changes associated with the
  introduction of process capabilities and mandatory access control.

Obtained from: TrustedBSD Project
2001-04-11 17:21:14 +00:00