t_seteuid.c revision 261363
194541Sru/* 294541Sru * Copyright (c) 1999-2001 Proofpoint, Inc. and its suppliers. 394541Sru * All rights reserved. 494541Sru * 594541Sru * By using this file, you agree to the terms and conditions set 694541Sru * forth in the LICENSE file which can be found at the top level of 794541Sru * the sendmail distribution. 894541Sru * 994541Sru */ 1094541Sru 1194541Sru/* 1294541Sru** This program checks to see if your version of seteuid works. 1394541Sru** Compile it, make it set-user-ID root, and run it as yourself (NOT as 1494541Sru** root). If it won't compile or outputs any MAYDAY messages, don't 1594541Sru** define USESETEUID in conf.h. 1694541Sru** 1794541Sru** NOTE: It is not sufficient to have seteuid in your library. 1894541Sru** You must also have saved uids that function properly. 1994541Sru** 2094541Sru** Compilation is trivial -- just "cc t_seteuid.c". Make it set-user-ID 2194541Sru** root and then execute it as a non-root user. 2294541Sru*/ 2394541Sru 2494541Sru#include <sys/types.h> 2594541Sru#include <unistd.h> 2694541Sru#include <stdio.h> 2794541Sru 2894541Sru#ifndef lint 29172400Srustatic char id[] = "@(#)$Id: t_seteuid.c,v 8.9 2013/11/22 20:52:01 ca Exp $"; 3094541Sru#endif /* ! lint */ 3194541Sru 3294541Sru#ifdef __hpux 3394541Sru# define seteuid(e) setresuid(-1, e, -1) 3494541Sru#endif /* __hpux */ 3594541Sru 3694541Srustatic void 3794541Sruprintuids(str, r, e) 3894541Sru char *str; 3994541Sru uid_t r, e; 40172400Sru{ 4194541Sru printf("%s (should be %d/%d): r/euid=%d/%d\n", str, (int) r, (int) e, 4294541Sru (int) getuid(), (int) geteuid()); 4394541Sru} 4494541Sru 4594541Sruint 4694541Srumain(argc, argv) 4794541Sru int argc; 4894541Sru char **argv; 49115122Sru{ 5094541Sru int fail = 0; 5197388Sru uid_t realuid = getuid(); 52153838Sdfr 53128184Sru printuids("initial uids", realuid, 0); 5494541Sru 5594541Sru if (geteuid() != 0) 5694541Sru { 5794541Sru printf("SETUP ERROR: re-run set-user-ID root\n"); 5894541Sru exit(1); 5994541Sru } 6094541Sru 6194541Sru if (getuid() == 0) 6294541Sru { 6394541Sru printf("SETUP ERROR: must be run by a non-root user\n"); 6494541Sru exit(1); 6594541Sru } 6694541Sru 6794541Sru if (seteuid(1) < 0) 6894541Sru printf("seteuid(1) failure\n"); 69164581Sdelphij printuids("after seteuid(1)", realuid, 1); 7094541Sru 7194541Sru if (geteuid() != 1) 7294541Sru { 7394541Sru fail++; 7494541Sru printf("MAYDAY! Wrong effective uid\n"); 7594541Sru } 7694541Sru 7794541Sru /* do activity here */ 7894541Sru 7994541Sru if (seteuid(0) < 0) 8094541Sru { 8194541Sru fail++; 8294541Sru printf("seteuid(0) failure\n"); 8394541Sru } 8494541Sru printuids("after seteuid(0)", realuid, 0); 8594541Sru 8694541Sru if (geteuid() != 0) 8794541Sru { 8894541Sru fail++; 8994541Sru printf("MAYDAY! Wrong effective uid\n"); 9094541Sru } 9194541Sru if (getuid() != realuid) 9294541Sru { 9394541Sru fail++; 9494541Sru printf("MAYDAY! Wrong real uid\n"); 9594541Sru } 9694541Sru printf("\n"); 9794541Sru 9894541Sru if (seteuid(2) < 0) 9994541Sru { 10094541Sru fail++; 10194541Sru printf("seteuid(2) failure\n"); 10294541Sru } 10394541Sru printuids("after seteuid(2)", realuid, 2); 10494541Sru 10594541Sru if (geteuid() != 2) 10694541Sru { 10794541Sru fail++; 10894541Sru printf("MAYDAY! Wrong effective uid\n"); 10994541Sru } 11094541Sru 11194541Sru /* do activity here */ 11294541Sru 11394541Sru if (seteuid(0) < 0) 11494541Sru { 11594541Sru fail++; 11694541Sru printf("seteuid(0) failure\n"); 117 } 118 printuids("after seteuid(0)", realuid, 0); 119 120 if (geteuid() != 0) 121 { 122 fail++; 123 printf("MAYDAY! Wrong effective uid\n"); 124 } 125 if (getuid() != realuid) 126 { 127 fail++; 128 printf("MAYDAY! Wrong real uid\n"); 129 } 130 131 if (fail) 132 { 133 printf("\nThis system cannot use seteuid\n"); 134 exit(1); 135 } 136 137 printf("\nIt is safe to define USESETEUID on this system\n"); 138 exit(0); 139} 140