138032Speter/* 290792Sgshapiro * Copyright (c) 2001 Sendmail, Inc. and its suppliers. 390792Sgshapiro * All rights reserved. 490792Sgshapiro * 590792Sgshapiro * By using this file, you agree to the terms and conditions set 690792Sgshapiro * forth in the LICENSE file which can be found at the top level of 790792Sgshapiro * the sendmail distribution. 890792Sgshapiro * 990792Sgshapiro */ 1090792Sgshapiro 1190792Sgshapiro/* 1238032Speter** This program checks to see if your version of setreuid works. 1390792Sgshapiro** Compile it, make it set-user-ID root, and run it as yourself (NOT as 1438032Speter** root). If it won't compile or outputs any MAYDAY messages, don't 1538032Speter** define HASSETREUID in conf.h. 1638032Speter** 1790792Sgshapiro** Compilation is trivial -- just "cc t_setreuid.c". Make it set-user-ID, 1838032Speter** root and then execute it as a non-root user. 1938032Speter*/ 2038032Speter 2138032Speter#include <sys/types.h> 2238032Speter#include <unistd.h> 2338032Speter#include <stdio.h> 2438032Speter 2564562Sgshapiro#ifndef lint 2698121Sgshapirostatic char id[] = "@(#)$Id: t_setreuid.c,v 8.9 2001/10/12 03:04:46 gshapiro Exp $"; 2764562Sgshapiro#endif /* ! lint */ 2864562Sgshapiro 2938032Speter#ifdef __hpux 3064562Sgshapiro# define setreuid(r, e) setresuid(r, e, -1) 3164562Sgshapiro#endif /* __hpux */ 3238032Speter 3364562Sgshapirostatic void 3464562Sgshapiroprintuids(str, r, e) 3564562Sgshapiro char *str; 3690792Sgshapiro uid_t r, e; 3738032Speter{ 3890792Sgshapiro printf("%s (should be %d/%d): r/euid=%d/%d\n", str, (int) r, (int) e, 3990792Sgshapiro (int) getuid(), (int) geteuid()); 4064562Sgshapiro} 4164562Sgshapiro 4264562Sgshapiroint 4364562Sgshapiromain(argc, argv) 4464562Sgshapiro int argc; 4564562Sgshapiro char **argv; 4664562Sgshapiro{ 4738032Speter int fail = 0; 4838032Speter uid_t realuid = getuid(); 4938032Speter 5038032Speter printuids("initial uids", realuid, 0); 5138032Speter 5238032Speter if (geteuid() != 0) 5338032Speter { 5490792Sgshapiro printf("SETUP ERROR: re-run set-user-ID root\n"); 5538032Speter exit(1); 5638032Speter } 5738032Speter 5838032Speter if (getuid() == 0) 5938032Speter { 6038032Speter printf("SETUP ERROR: must be run by a non-root user\n"); 6138032Speter exit(1); 6238032Speter } 6338032Speter 6438032Speter if (setreuid(0, 1) < 0) 6538032Speter { 6638032Speter fail++; 6738032Speter printf("setreuid(0, 1) failure\n"); 6838032Speter } 6938032Speter printuids("after setreuid(0, 1)", 0, 1); 7038032Speter 7190792Sgshapiro if (getuid() != 0) 7290792Sgshapiro { 7390792Sgshapiro fail++; 7490792Sgshapiro printf("MAYDAY! Wrong real uid\n"); 7590792Sgshapiro } 7690792Sgshapiro 7738032Speter if (geteuid() != 1) 7838032Speter { 7938032Speter fail++; 8038032Speter printf("MAYDAY! Wrong effective uid\n"); 8138032Speter } 8238032Speter 8338032Speter /* do activity here */ 8438032Speter 8538032Speter if (setreuid(-1, 0) < 0) 8638032Speter { 8738032Speter fail++; 8838032Speter printf("setreuid(-1, 0) failure\n"); 8938032Speter } 9038032Speter printuids("after setreuid(-1, 0)", 0, 0); 9138032Speter if (setreuid(realuid, 0) < 0) 9238032Speter { 9338032Speter fail++; 9490792Sgshapiro printf("setreuid(%d, 0) failure\n", (int) realuid); 9538032Speter } 9638032Speter printuids("after setreuid(realuid, 0)", realuid, 0); 9738032Speter 9838032Speter if (geteuid() != 0) 9938032Speter { 10038032Speter fail++; 10138032Speter printf("MAYDAY! Wrong effective uid\n"); 10238032Speter } 10338032Speter if (getuid() != realuid) 10438032Speter { 10538032Speter fail++; 10638032Speter printf("MAYDAY! Wrong real uid\n"); 10738032Speter } 10838032Speter printf("\n"); 10938032Speter 11038032Speter if (setreuid(0, 2) < 0) 11138032Speter { 11238032Speter fail++; 11338032Speter printf("setreuid(0, 2) failure\n"); 11438032Speter } 11538032Speter printuids("after setreuid(0, 2)", 0, 2); 11638032Speter 11738032Speter if (geteuid() != 2) 11838032Speter { 11938032Speter fail++; 12038032Speter printf("MAYDAY! Wrong effective uid\n"); 12138032Speter } 12238032Speter 12390792Sgshapiro if (getuid() != 0) 12490792Sgshapiro { 12590792Sgshapiro fail++; 12690792Sgshapiro printf("MAYDAY! Wrong real uid\n"); 12790792Sgshapiro } 12890792Sgshapiro 12938032Speter /* do activity here */ 13038032Speter 13138032Speter if (setreuid(-1, 0) < 0) 13238032Speter { 13338032Speter fail++; 13438032Speter printf("setreuid(-1, 0) failure\n"); 13538032Speter } 13638032Speter printuids("after setreuid(-1, 0)", 0, 0); 13738032Speter if (setreuid(realuid, 0) < 0) 13838032Speter { 13938032Speter fail++; 14090792Sgshapiro printf("setreuid(%d, 0) failure\n", (int) realuid); 14138032Speter } 14238032Speter printuids("after setreuid(realuid, 0)", realuid, 0); 14338032Speter 14438032Speter if (geteuid() != 0) 14538032Speter { 14638032Speter fail++; 14738032Speter printf("MAYDAY! Wrong effective uid\n"); 14838032Speter } 14938032Speter if (getuid() != realuid) 15038032Speter { 15138032Speter fail++; 15238032Speter printf("MAYDAY! Wrong real uid\n"); 15338032Speter } 15438032Speter 15538032Speter if (fail) 15638032Speter { 15738032Speter printf("\nThis system cannot use setreuid\n"); 15838032Speter exit(1); 15938032Speter } 16038032Speter 16138032Speter printf("\nIt is safe to define HASSETREUID on this system\n"); 16238032Speter exit(0); 16338032Speter} 164