138032Speter/*
290792Sgshapiro * Copyright (c) 1999-2001 Sendmail, Inc. and its suppliers.
390792Sgshapiro *	All rights reserved.
490792Sgshapiro *
590792Sgshapiro * By using this file, you agree to the terms and conditions set
690792Sgshapiro * forth in the LICENSE file which can be found at the top level of
790792Sgshapiro * the sendmail distribution.
890792Sgshapiro *
990792Sgshapiro */
1090792Sgshapiro
1190792Sgshapiro/*
1238032Speter**  This program checks to see if your version of seteuid works.
1390792Sgshapiro**  Compile it, make it set-user-ID root, and run it as yourself (NOT as
1438032Speter**  root).  If it won't compile or outputs any MAYDAY messages, don't
1538032Speter**  define USESETEUID in conf.h.
1638032Speter**
1738032Speter**	NOTE:  It is not sufficient to have seteuid in your library.
1838032Speter**	You must also have saved uids that function properly.
1938032Speter**
2090792Sgshapiro**  Compilation is trivial -- just "cc t_seteuid.c".  Make it set-user-ID
2138032Speter**  root and then execute it as a non-root user.
2238032Speter*/
2338032Speter
2438032Speter#include <sys/types.h>
2538032Speter#include <unistd.h>
2638032Speter#include <stdio.h>
2738032Speter
2864562Sgshapiro#ifndef lint
2998121Sgshapirostatic char id[] = "@(#)$Id: t_seteuid.c,v 8.8 2001/09/23 03:35:41 ca Exp $";
3064562Sgshapiro#endif /* ! lint */
3164562Sgshapiro
3238032Speter#ifdef __hpux
3364562Sgshapiro# define seteuid(e)	setresuid(-1, e, -1)
3464562Sgshapiro#endif /* __hpux */
3538032Speter
3664562Sgshapirostatic void
3764562Sgshapiroprintuids(str, r, e)
3864562Sgshapiro	char *str;
3990792Sgshapiro	uid_t r, e;
4038032Speter{
4190792Sgshapiro	printf("%s (should be %d/%d): r/euid=%d/%d\n", str, (int) r, (int) e,
4290792Sgshapiro	       (int) getuid(), (int) geteuid());
4364562Sgshapiro}
4464562Sgshapiro
4564562Sgshapiroint
4664562Sgshapiromain(argc, argv)
4764562Sgshapiro	int argc;
4864562Sgshapiro	char **argv;
4964562Sgshapiro{
5038032Speter	int fail = 0;
5138032Speter	uid_t realuid = getuid();
5238032Speter
5338032Speter	printuids("initial uids", realuid, 0);
5438032Speter
5538032Speter	if (geteuid() != 0)
5638032Speter	{
5790792Sgshapiro		printf("SETUP ERROR: re-run set-user-ID root\n");
5838032Speter		exit(1);
5938032Speter	}
6038032Speter
6138032Speter	if (getuid() == 0)
6238032Speter	{
6338032Speter		printf("SETUP ERROR: must be run by a non-root user\n");
6438032Speter		exit(1);
6538032Speter	}
6638032Speter
6738032Speter	if (seteuid(1) < 0)
6838032Speter		printf("seteuid(1) failure\n");
6938032Speter	printuids("after seteuid(1)", realuid, 1);
7038032Speter
7138032Speter	if (geteuid() != 1)
7238032Speter	{
7338032Speter		fail++;
7438032Speter		printf("MAYDAY!  Wrong effective uid\n");
7538032Speter	}
7638032Speter
7738032Speter	/* do activity here */
7838032Speter
7938032Speter	if (seteuid(0) < 0)
8038032Speter	{
8138032Speter		fail++;
8238032Speter		printf("seteuid(0) failure\n");
8338032Speter	}
8438032Speter	printuids("after seteuid(0)", realuid, 0);
8538032Speter
8638032Speter	if (geteuid() != 0)
8738032Speter	{
8838032Speter		fail++;
8938032Speter		printf("MAYDAY!  Wrong effective uid\n");
9038032Speter	}
9138032Speter	if (getuid() != realuid)
9238032Speter	{
9338032Speter		fail++;
9438032Speter		printf("MAYDAY!  Wrong real uid\n");
9538032Speter	}
9638032Speter	printf("\n");
9738032Speter
9838032Speter	if (seteuid(2) < 0)
9938032Speter	{
10038032Speter		fail++;
10138032Speter		printf("seteuid(2) failure\n");
10238032Speter	}
10338032Speter	printuids("after seteuid(2)", realuid, 2);
10438032Speter
10538032Speter	if (geteuid() != 2)
10638032Speter	{
10738032Speter		fail++;
10838032Speter		printf("MAYDAY!  Wrong effective uid\n");
10938032Speter	}
11038032Speter
11138032Speter	/* do activity here */
11238032Speter
11338032Speter	if (seteuid(0) < 0)
11438032Speter	{
11538032Speter		fail++;
11638032Speter		printf("seteuid(0) failure\n");
11738032Speter	}
11838032Speter	printuids("after seteuid(0)", realuid, 0);
11938032Speter
12038032Speter	if (geteuid() != 0)
12138032Speter	{
12238032Speter		fail++;
12338032Speter		printf("MAYDAY!  Wrong effective uid\n");
12438032Speter	}
12538032Speter	if (getuid() != realuid)
12638032Speter	{
12738032Speter		fail++;
12838032Speter		printf("MAYDAY!  Wrong real uid\n");
12938032Speter	}
13038032Speter
13138032Speter	if (fail)
13238032Speter	{
13338032Speter		printf("\nThis system cannot use seteuid\n");
13438032Speter		exit(1);
13538032Speter	}
13638032Speter
13738032Speter	printf("\nIt is safe to define USESETEUID on this system\n");
13838032Speter	exit(0);
13938032Speter}
140