priv_vfs_chroot.c revision 172106
1122394Sharti/*- 2122394Sharti * Copyright (c) 2006 nCircle Network Security, Inc. 3122394Sharti * Copyright (c) 2007 Robert N. M. Watson 4122394Sharti * All rights reserved. 5122394Sharti * 6122394Sharti * This software was developed by Robert N. M. Watson for the TrustedBSD 7133211Sharti * Project under contract to nCircle Network Security, Inc. 8216294Ssyrinx * 9216294Ssyrinx * Redistribution and use in source and binary forms, with or without 10216294Ssyrinx * modification, are permitted provided that the following conditions 11216294Ssyrinx * are met: 12216294Ssyrinx * 1. Redistributions of source code must retain the above copyright 13216294Ssyrinx * notice, this list of conditions and the following disclaimer. 14133211Sharti * 2. Redistributions in binary form must reproduce the above copyright 15133211Sharti * notice, this list of conditions and the following disclaimer in the 16133211Sharti * documentation and/or other materials provided with the distribution. 17133211Sharti * 18133211Sharti * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 19122394Sharti * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 20122394Sharti * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 21122394Sharti * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR, NCIRCLE NETWORK SECURITY, 22133211Sharti * INC., OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 23133211Sharti * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED 24133211Sharti * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 25133211Sharti * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 26133211Sharti * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 27133211Sharti * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 28133211Sharti * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 29133211Sharti * 30133211Sharti * $FreeBSD: head/tools/regression/priv/priv_vfs_chroot.c 172106 2007-09-09 23:08:39Z rwatson $ 31133211Sharti */ 32133211Sharti 33133211Sharti/* 34122394Sharti * Test that chroot() requires privilege--do a no-op chroot() to "/". 35150920Sharti * 36122394Sharti * XXXRW: Would also be good to check fchroot() permission, but that is not 37122394Sharti * exposed via the BSD API. 38122394Sharti */ 39122394Sharti 40122394Sharti#include <err.h> 41122394Sharti#include <errno.h> 42122394Sharti#include <unistd.h> 43122394Sharti 44122394Sharti#include "main.h" 45150920Sharti 46133211Shartiint 47150920Shartipriv_vfs_chroot_setup(int asroot, int injail, struct test *test) 48150920Sharti{ 49150920Sharti 50122394Sharti return (0); 51122394Sharti} 52122394Sharti 53122394Shartivoid 54122394Shartipriv_vfs_chroot(int asroot, int injail, struct test *test) 55122394Sharti{ 56122394Sharti int error; 57122394Sharti 58122394Sharti error = chroot("/"); 59122394Sharti if (asroot && injail) 60122394Sharti expect("priv_vfs_chroot(asroot, injail)", error, 0, 0); 61122394Sharti if (asroot && !injail) 62122394Sharti expect("priv_vfs_chroot(asroot, !injail)", error, 0, 0); 63122394Sharti if (!asroot && injail) 64122394Sharti expect("priv_vfs_chroot(!asroot, injail)", error, -1, EPERM); 65122394Sharti if (!asroot && !injail) 66122394Sharti expect("priv_vfs_chroot(!asroot, !injail)", error, -1, EPERM); 67122394Sharti} 68122394Sharti 69122394Shartivoid 70122394Shartipriv_vfs_chroot_cleanup(int asroot, int injail, struct test *test) 71122394Sharti{ 72122394Sharti 73122394Sharti} 74122394Sharti