jcs.org
Serenity Operating System
1/*
2 * Copyright (c) 2021, Ben Wiederhake <BenWiederhake.GitHub@gmx.de>
3 *
4 * SPDX-License-Identifier: BSD-2-Clause
5 */
6
7#include <LibTest/TestCase.h>
8#include <fcntl.h>
9#include <sys/prctl.h>
10#include <unistd.h>
11
12TEST_CASE(check_root)
13{
14 auto uid = geteuid();
15 // This test only makes sense as root.
16 EXPECT_EQ(uid, 0u);
17
18 // Before we make the process dumpable, become "fully" root, so that the user cannot tamper with our memory:
19 EXPECT_EQ(setuid(0), 0);
20
21 // If running as setuid, the process is automatically marked as non-dumpable, which bars access to /proc/self/.
22 // However, that is the easiest guess for a /proc/$PID/ directory, so we'd like to use that.
23 // In order to do so, mark this process as dumpable:
24 EXPECT_EQ(prctl(PR_SET_DUMPABLE, 1, 0), 0);
25}
26
27TEST_CASE(root_writes_to_procfs)
28{
29 int fd = open("/proc/self/unveil", O_RDWR | O_APPEND | O_CREAT, 0666); // = 6
30 if (fd < 0) {
31 perror("open");
32 dbgln("fd was {}", fd);
33 FAIL("open failed?! See debugout");
34 return;
35 }
36
37 int rc = write(fd, "hello", 5);
38 perror("write");
39 dbgln("write rc = {}", rc);
40 if (rc >= 0) {
41 FAIL("Wrote successfully?!");
42 }
43}