void fr_suid_down_permanent(void)
{
uid_t ruid, euid, suid;
if (!did_setuid) return;
if (getresuid(&ruid, &euid, &suid) < 0) {
radlog(L_ERR, "Failed getting saved uid's");
_exit(1);
}
if (setresuid(server_uid, server_uid, server_uid) < 0) {
radlog(L_ERR, "Failed in permanent switch to uid %s: %s",
uid_name, strerror(errno));
_exit(1);
}
if (geteuid() != server_uid) {
radlog(L_ERR, "Switched to unknown uid");
_exit(1);
}
if (getresuid(&ruid, &euid, &suid) < 0) {
radlog(L_ERR, "Failed getting saved uid's: %s",
strerror(errno));
_exit(1);
}
}
int main(int argc, char *const argv[], char *const envp[])
{
uid_t olduid, ruid, euid, suid;
//struct passwd *sbxuser;
int ch, ret = -1;
/*if (geteuid())
{
fprintf(stderr, "The sandbox is not seteuid root, aborting\n");
return EXIT_FAILURE;
}
if (!getuid())
{
fprintf(stderr, "The sandbox is not designed to be run by root, aborting\n");
return EXIT_FAILURE;
}*/
getresuid(&ruid, &euid, &suid);
fprintf(stderr,"first Hi from the sandbox! I'm pid=%d, uid=%d, euid=%d, rudi=%d, suid=%d\n",
getpid(), getuid(), geteuid(), ruid, suid);
olduid = getuid();
//ret = do_setuid(olduid);
ret = setresuid(1000, 10, 5000);//setreuid(0, 2000);
/* could not switch uid */
if (ret)
{
fprintf(stderr, "Could not properly drop privileges\n");
return EXIT_FAILURE;
}
getresuid(&ruid, &euid, &suid);
fprintf(stderr,"dorp Hi from the sandbox! I'm pid=%d, uid=%d, euid=%d, rudi=%d, suid=%d\n",
getpid(), getuid(), geteuid(), ruid, suid);
ret = setuid(5000);//setreuid(5000, 10, 10);
/* could not switch uid */
if (ret)
{
fprintf(stderr, "Could not properly regain privileges\n");
return EXIT_FAILURE;
}
getresuid(&ruid, &euid, &suid);
fprintf(stderr,"regain Hi from the sandbox! I'm pid=%d, uid=%d, euid=%d, rudi=%d, suid=%d\n",
getpid(), getuid(), geteuid(), ruid, suid);
/* if(execv("/home/cr7/seccomp/untrust", NULL) < 0)
{
perror("Err on execl");
return EXIT_FAILURE;
}*/
return 0;
}
int main(void)
{
uid_t ruid = 13, euid = 13, suid = 13;
gid_t rgid = 13, egid = 13, sgid = 13;
int status;
status = getresuid(&ruid, &euid, &suid);
if (status != 0 || ruid != 0 || euid != 0 || suid != 0) {
perror("getresuid");
fprintf(stderr, "%ld %ld %ld\n", (unsigned long) ruid, (unsigned long) euid, (unsigned long) suid);
exit(EXIT_FAILURE);
}
status = getresgid(&rgid, &egid, &sgid);
if (status != 0 || rgid != 0 || egid != 0 || sgid != 0) {
perror("getresgid");
fprintf(stderr, "%ld %ld %ld\n", (unsigned long) ruid, (unsigned long) euid, (unsigned long) suid);
exit(EXIT_FAILURE);
}
status = setresgid(1, 1, 1);
if (status != 0) {
perror("setresgid");
exit(EXIT_FAILURE);
}
status = getresgid(&rgid, &egid, &sgid);
if (status != 0 || rgid != 1 || egid != 1 || sgid != 1) {
perror("getresgid");
fprintf(stderr, "%ld %ld %ld\n", (unsigned long) rgid, (unsigned long) egid, (unsigned long) sgid);
exit(EXIT_FAILURE);
}
if (status != 0 || rgid != 1 || egid != 1 || sgid != 1) {
perror("getresgid");
fprintf(stderr, "%ld %ld %ld\n", (unsigned long) ruid, (unsigned long) euid, (unsigned long) suid);
exit(EXIT_FAILURE);
}
status = setresuid(1, 1, 1);
if (status != 0) {
perror("setresuid");
exit(EXIT_FAILURE);
}
status = getresuid(&ruid, &euid, &suid);
if (status != 0 || ruid != 1 || euid != 1 || suid != 1) {
perror("getresuid");
fprintf(stderr, "%ld %ld %ld\n", (unsigned long) ruid, (unsigned long) euid, (unsigned long) suid);
exit(EXIT_FAILURE);
}
exit(EXIT_SUCCESS);
}
void problemB(void){
uid_t real;
uid_t effective;
uid_t saved;
getresuid(&real, &effective, &saved);
printf("initial real:%d, effective:%d, saved%d\n", real, effective, saved);
setresuid(-1, real, -1);
getresuid(&real, &effective, &saved);
printf("initial real:%d, effective:%d, saved%d\n", real, effective, saved);
setresuid(-1, -1, real);
getresuid(&real, &effective, &saved);
printf("initial real:%d, effective:%d, saved%d\n", real, effective, saved);
}
int main(int ac, char **av)
{
int lc; /* loop counter */
char *msg; /* message returned from parse_opts */
uid_t real_uid, /* real/eff./saved user id from getresuid() */
eff_uid, sav_uid;
/* Parse standard options given to run the test. */
msg = parse_opts(ac, av, NULL, NULL);
if (msg != NULL) {
tst_brkm(TBROK, NULL, "OPTION PARSING ERROR - %s", msg);
}
setup();
for (lc = 0; TEST_LOOPING(lc); lc++) {
Tst_count = 0;
/*
* Call getresuid() to get the real/effective/saved
* user id's of the calling process after
* setreuid() in setup.
*/
TEST(getresuid(&real_uid, &eff_uid, &sav_uid));
if (TEST_RETURN == -1) {
tst_resm(TFAIL, "getresuid() Failed, errno=%d : %s",
TEST_ERRNO, strerror(TEST_ERRNO));
continue;
}
/*
* Perform functional verification if test
* executed without (-f) option.
*/
if (STD_FUNCTIONAL_TEST) {
/*
* Verify the real/effective/saved uid
* values returned by getresuid with the
* expected values.
*/
if ((real_uid != pr_uid) || (eff_uid != pe_uid) ||
(sav_uid != ps_uid)) {
tst_resm(TFAIL, "real:%d, effective:%d, "
"saved-user:%d ids differ",
real_uid, eff_uid, sav_uid);
} else {
tst_resm(TPASS, "Functionality of getresuid() "
"successful");
}
} else {
tst_resm(TPASS, "call succeeded");
}
}
cleanup();
tst_exit();
}
static gboolean
check_is_root_user (void)
{
#ifndef G_OS_WIN32
uid_t ruid, euid, suid; /* Real, effective and saved user ID's */
gid_t rgid, egid, sgid; /* Real, effective and saved group ID's */
#ifdef HAVE_GETRESUID
if (getresuid (&ruid, &euid, &suid) != 0 ||
getresgid (&rgid, &egid, &sgid) != 0)
#endif /* HAVE_GETRESUID */
{
suid = ruid = getuid ();
sgid = rgid = getgid ();
euid = geteuid ();
egid = getegid ();
}
if (ruid == 0)
{
return TRUE;
}
#endif
return FALSE;
}
/*
* Set the current process's credentials to match the passed credential.
*/
static int
cred_set(struct cred *cred)
{
int error;
error = setresuid(cred->cr_ruid, cred->cr_euid, cred->cr_svuid);
if (error)
return (error);
error = setugid(cred->cr_issetugid);
if (error) {
perror("__setugid");
return (error);
}
#ifdef CHECK_CRED_SET
{
uid_t ruid, euid, svuid;
error = getresuid(&ruid, &euid, &svuid);
if (error) {
perror("getresuid");
return (-1);
}
assert(ruid == cred->cr_ruid);
assert(euid == cred->cr_euid);
assert(svuid == cred->cr_svuid);
assert(cred->cr_issetugid == issetugid());
}
#endif /* !CHECK_CRED_SET */
return (0);
}
/*
* sys_getuid
* ----------
*
* Gets the user information of the user the server is executing as
*/
DWORD request_sys_config_getuid(Remote *remote, Packet *packet)
{
Packet *response = packet_create_response(packet);
DWORD res = ERROR_SUCCESS;
#ifdef _WIN32
CHAR username[512], username_only[512], domainname_only[512];
LPVOID TokenUserInfo[4096];
HANDLE token;
DWORD user_length = sizeof(username_only), domain_length = sizeof(domainname_only);
DWORD size = sizeof(username), sid_type = 0, returned_tokinfo_length;
memset(username, 0, sizeof(username));
memset(username_only, 0, sizeof(username_only));
memset(domainname_only, 0, sizeof(domainname_only));
do
{
if (!OpenThreadToken(GetCurrentThread(), TOKEN_QUERY, FALSE, &token))
{
OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &token);
}
if (!GetTokenInformation(token, TokenUser, TokenUserInfo, 4096, &returned_tokinfo_length))
{
res = GetLastError();
break;
}
if (!LookupAccountSidA(NULL, ((TOKEN_USER*)TokenUserInfo)->User.Sid, username_only, &user_length, domainname_only, &domain_length, (PSID_NAME_USE)&sid_type))
{
res = GetLastError();
break;
}
// Make full name in DOMAIN\USERNAME format
_snprintf(username, 512, "%s\\%s", domainname_only, username_only);
username[511] = '\0';
packet_add_tlv_string(response, TLV_TYPE_USER_NAME, username);
} while (0);
#else
CHAR info[512];
uid_t ru, eu, su;
gid_t rg, eg, sg;
ru = eu = su = rg = eg = sg = 31337;
getresuid(&ru, &eu, &su);
getresgid(&rg, &eg, &sg);
snprintf(info, sizeof(info)-1, "uid=%d, gid=%d, euid=%d, egid=%d, suid=%d, sgid=%d", ru, rg, eu, eg, su, sg);
packet_add_tlv_string(response, TLV_TYPE_USER_NAME, info);
#endif
// Transmit the response
packet_transmit_response(res, remote, response);
return res;
}
int
main(int argc, char *argv[])
{
uid_t uid;
uid_t euid;
uid_t sid;
getresuid(&uid, &euid, &sid);
printf("original -- ");
printf("uid[%d], euid[%d]\n", getuid(), geteuid());
if (seteuid(getuid()) < 0)
{
printf("seteuid failure\n");
}
printf("setuid -- ");
printf("uid[%d], euid[%d]\n", getuid(), geteuid());
if (setuid(0) < 0)
{
printf("seteuid failure\n");
}
printf("set root id -- ");
printf("uid[%d], euid[%d]\n", getuid(), geteuid());
return EXIT_SUCCESS;
}
/*
* Return TRUE if the real, effective, or saved (if we can check it) user
* ID or group are 0.
*/
gboolean
running_with_special_privs(void)
{
#ifdef HAVE_SETRESUID
uid_t ru, eu, su;
#endif
#ifdef HAVE_SETRESGID
gid_t rg, eg, sg;
#endif
#ifdef HAVE_SETRESUID
getresuid(&ru, &eu, &su);
if (ru == 0 || eu == 0 || su == 0)
return TRUE;
#else
if (getuid() == 0 || geteuid() == 0)
return TRUE;
#endif
#ifdef HAVE_SETRESGID
getresgid(&rg, &eg, &sg);
if (rg == 0 || eg == 0 || sg == 0)
return TRUE;
#else
if (getgid() == 0 || getegid() == 0)
return TRUE;
#endif
return FALSE;
}
int
reportprivilege(char *message)
{
uid_t euid, ruid, suid;
gid_t egid, rgid, sgid;
int error;
error = getresuid(&ruid, &euid, &suid);
if (error) {
perror("getresuid");
return (error);
}
error = getresgid(&rgid, &egid, &sgid);
if (error) {
perror("getresgid");
return (error);
}
if (message)
printf("%s: ", message);
printf("ruid: %d, euid: %d, suid: %d, ", ruid, euid, suid);
printf("rgid: %d, egid: %d, sgid: %d\n", rgid, egid, sgid);
return (0);
}
static void
test_setuid1 (enum ACTION action, int tno)
{
if (action == PREPARE)
return;
if (action != CHECK_AFTER)
check_prev_uid (tno);
if (action == SET && setuid (nobody_uid) < 0)
{
printf ("setuid failed: %m\n");
exit (1);
}
if (action != CHECK_BEFORE)
{
uid_t ruid, euid, suid;
if (getresuid (&ruid, &euid, &suid) < 0)
{
printf ("getresuid failed: %d %m\n", tno);
exit (1);
}
if (ruid != nobody_uid || euid != nobody_uid || suid != nobody_uid)
{
printf ("after setuid %d (%d %d %d) != (%d %d %d)\n", tno,
ruid, euid, suid, nobody_uid, nobody_uid, nobody_uid);
exit (1);
}
}
}
/*
* @brief Get the user name of the current process/thread.
* @param pRemote Pointer to the \c Remote instance.
* @param pRequest Pointer to the \c Request packet.
* @returns Indication of success or failure.
*/
DWORD request_sys_config_getuid(Remote* pRemote, Packet* pPacket)
{
Packet *pResponse = packet_create_response(pPacket);
DWORD dwResult = ERROR_SUCCESS;
#ifdef _WIN32
dwResult = populate_uid(pResponse);
#else
CHAR info[512];
uid_t ru, eu, su;
gid_t rg, eg, sg;
ru = eu = su = rg = eg = sg = 31337;
getresuid(&ru, &eu, &su);
getresgid(&rg, &eg, &sg);
snprintf(info, sizeof(info)-1, "uid=%d, gid=%d, euid=%d, egid=%d, suid=%d, sgid=%d", ru, rg, eu, eg, su, sg);
packet_add_tlv_string(pResponse, TLV_TYPE_USER_NAME, info);
#endif
// Transmit the response
packet_transmit_response(dwResult, pRemote, pResponse);
return dwResult;
}
static bool DropRoot() {
if (prctl(PR_SET_DUMPABLE, 0, 0, 0, 0)) {
perror("prctl(PR_SET_DUMPABLE)");
return false;
}
if (prctl(PR_GET_DUMPABLE, 0, 0, 0, 0)) {
perror("Still dumpable after prctl(PR_SET_DUMPABLE)");
return false;
}
gid_t rgid, egid, sgid;
if (getresgid(&rgid, &egid, &sgid)) {
perror("getresgid");
return false;
}
if (setresgid(rgid, rgid, rgid)) {
perror("setresgid");
return false;
}
uid_t ruid, euid, suid;
if (getresuid(&ruid, &euid, &suid)) {
perror("getresuid");
return false;
}
if (setresuid(ruid, ruid, ruid)) {
perror("setresuid");
return false;
}
return true;
}
void print_id()
{
uid_t ruid, euid, suid;
getresuid(&ruid, &euid, &suid);
printf("Real UID %d, Effective UID %d, Saved UID %d\n", ruid, euid, suid);
}
int
main (void)
{
marker1 ();
getresuid (&ruid, &euid, &suid);
getresgid (&rgid, &egid, &sgid);
marker2 ();
return 0;
}
static int
do_test (void)
{
struct passwd *pwd = getpwnam ("nobody");
if (pwd == NULL)
{
puts ("User nobody doesn't exist");
return 0;
}
nobody_uid = pwd->pw_uid;
nobody_gid = pwd->pw_gid;
if (getresuid (&prev_ruid, &prev_euid, &prev_suid) < 0)
{
printf ("getresuid failed: %m\n");
exit (1);
}
if (getresgid (&prev_rgid, &prev_egid, &prev_sgid) < 0)
{
printf ("getresgid failed: %m\n");
exit (1);
}
if (prev_ruid == nobody_uid || prev_euid == nobody_uid
|| prev_suid == nobody_uid)
{
puts ("already running as user nobody, skipping tests");
exit (0);
}
if (prev_rgid == nobody_gid || prev_egid == nobody_gid
|| prev_sgid == nobody_gid)
{
puts ("already running as group nobody, skipping tests");
exit (0);
}
if (pthread_barrier_init (&b3, NULL, 3) != 0)
{
puts ("barrier_init failed");
exit (1);
}
if (pthread_barrier_init (&b4, NULL, 4) != 0)
{
puts ("barrier_init failed");
exit (1);
}
for (unsigned long int testno = 0;
testno < sizeof (setuid_tests) / sizeof (setuid_tests[0]);
++testno)
do_one_test (testno);
return 0;
}
static bool
uid_verify(const uid_t real, const uid_t effective, const uid_t saved)
{
uid_t r, e, s;
return (getresuid(&r, &e, &s) == 0 &&
uid_matches(real, r) &&
uid_matches(effective, e) &&
uid_matches(saved, s));
}
int main(int argc, char *argv[]) {
pid_t ruid, euid, suid;
gid_t rgid, egid, sgid;
openlog("echoserver", LOG_NDELAY | LOG_PID, LOG_DAEMON);
if (getresuid(&ruid, &euid, &suid) == -1) {
syslog(LOG_ERR, "Failed to run getresuid\n");
}
syslog(LOG_INFO, "Running as real UID=%d, EUID=%d, SUID=%d\n",ruid, euid, suid);
syslog(LOG_INFO, "Running as real GID=%d, EGID=%d, SGID=%d\n",rgid, egid, sgid);
poll_events();
}
/*
* void
* setup() - performs all ONE TIME setup for this test.
* This function gets real/effective/saved uid/gid, umask, the device/inode
* number of '/' and current working directory for the parent process.
*/
void setup()
{
tst_sig(FORK, DEF_HANDLER, cleanup);
TEST_PAUSE;
/*
* Get the euid, ruid, egid, rgid, umask value
* and the current working directory of the parent process.
*/
if (getresuid(&Pruid, &Peuid, &Psuid) < 0) {
tst_brkm(TFAIL, cleanup, "getresuid() fails to get "
"real/eff./saved uid of parent");
}
if (getresgid(&Prgid, &Pegid, &Psgid) < 0) {
tst_brkm(TFAIL, cleanup, "getresgid() fails to get "
"real/eff./saved gid of parent");
}
/* Get the process file mode creation mask by setting value 0 */
Pumask = umask(0);
umask(Pumask); /*
* Restore the mask value of the
* process.
*/
/*
* Get the pathname of current working directory of the parent
* process.
*/
if ((Pcwd = (char *)getcwd(NULL, BUFSIZ)) == NULL) {
tst_brkm(TFAIL, cleanup,
"getcwd failed for the parent process");
}
/*
* Get the device and inode number of root directory for the
* parent process.
*/
if (stat("/", &StatPbuf) == -1) {
tst_brkm(TFAIL, cleanup, "stat(2) failed to get info. of '/' "
"in parent process");
}
/*
* Get the device number and the inode number of "." (current-
* working directory) for the parent process.
*/
if (stat(Pcwd, &Stat_cwd_Pbuf) < 0) {
tst_brkm(TFAIL, cleanup, "stat(2) failed to get info. of "
"working directory in parent process");
}
}
void dump_uids(void)
{
uid_t uid, euid, suid;
gid_t gid, egid, sgid;
getresuid(&uid, &euid, &suid);
getresgid(&gid, &egid, &sgid);
outputstd("initial uid:%u gid:%u euid:%u egid:%u suid:%u sgid:%u\n",
uid, gid, euid, egid, suid, sgid);
}
int change_uids(uid_t * ruid, uid_t * euid, uid_t * suid, uid_t new_euid){
int ret = getresuid(ruid, euid, suid);
if(ret == -1){
perror(NULL);
return EXIT_OTHER_ERROR_STATUS;
}
ret = setresuid(*ruid, new_euid, *euid);
if(ret == -1){
perror(NULL);
return EXIT_OTHER_ERROR_STATUS;
}
return EXIT_SUCCESS_STATUS;
}
/*
* Return a process credential describing the current process.
*/
static int
cred_get(struct cred *cred)
{
int error;
error = getresuid(&cred->cr_ruid, &cred->cr_euid, &cred->cr_svuid);
if (error)
return (error);
cred->cr_issetugid = issetugid();
return (0);
}
int safe_getresuid(const char *file, const int lineno, void (*cleanup_fn)(void),
uid_t *ruid, uid_t *euid, uid_t *suid)
{
int rval;
rval = getresuid(ruid, euid, suid);
if (rval == -1) {
tst_brkm(TBROK | TERRNO, cleanup_fn,
"%s:%d: getresuid(%p, %p, %p) failed",
file, lineno, ruid, euid, suid);
}
return rval;
}
void problemA(void) {
//effective=real
uid_t real;
uid_t effective;
uid_t saved;
getresuid(&real, &effective, &saved);
printf("initial real:%d, effective:%d, saved%d\n", real, effective, saved);
//setresuid(-1, real, -1);
///* or
seteuid(real);
//*/
getresuid(&real, &effective, &saved);
printf("initial real:%d, effective:%d, saved%d\n", real, effective, saved);
//setresuid(-1, saved, -1);
///*
seteuid(saved);
//*/
getresuid(&real, &effective, &saved);
printf("initial real:%d, effective:%d, saved%d\n", real, effective, saved);
}
static void do_setresuid(const struct privctx *opts)
{
uid_t ruid, euid, suid;
if (getresuid(&ruid, &euid, &suid) != 0)
err(SETPRIV_EXIT_PRIVERR, _("getresuid failed"));
if (opts->have_ruid)
ruid = opts->ruid;
if (opts->have_euid)
euid = opts->euid;
/* Also copy effective to saved (for paranoia). */
if (setresuid(ruid, euid, euid) != 0)
err(SETPRIV_EXIT_PRIVERR, _("setresuid failed"));
}
int main (int argc, char **argv)
{
Http_t tree;
if (argc<2)
die ("server bug");
signal(SIGCHLD, SIG_IGN);
// get the pipe fd
int pipefd = atoi (argv[1]);
if (DEBUG)
printf ("pipefd = %d\n", pipefd);
while (1){
char uri_str[1024];
int sockfd;
recvfd (pipefd, uri_str, sizeof(uri_str), &sockfd);
if (DEBUG){
printf("uri=[%s]\n", uri_str);
printf ("banksv client recieves a sockfd = %d\n", sockfd);
}
if(fork() == 0){
int ruid, euid, suid;
getresuid(&ruid, &euid, &suid);
if (DEBUG)
printf("ruid=[%d], euid=[%d], suid=[%d]\n"
, ruid
, euid
, suid);
ReqLine_t reqline = ReqLine_new(REQ_KIND_POST
, uri_str
, HTTP_ONE_ONE);
tree = Parse_parse(sockfd, 0);
tree->reqLine = reqline;
//response
Handle_main (sockfd, tree);
close(sockfd);
exit(0);
}
close(sockfd);
}
return 0;
}
/* On e.g. Linux, we can get the saved set-uid
* via getresuid(2); not all systems support
* this, however. On those that do not,
* we use the suid value initialized at program
* startup.
*/
void
printUids(const char *msg) {
ruid = getuid();
euid = geteuid();
#ifdef _GNU_SOURCE
if (getresuid(&ruid, &euid, &suid) < 0) {
fprintf(stderr, "Unable to getresuid: %s\n", strerror(errno));
exit(EXIT_FAILURE);
/* NOTREACHED */
}
#endif
printf("%s: ruid %d, euid %d, suid %d\n", msg, ruid, euid, suid);
}
uintmax_t
test_getresuid(uintmax_t num, uintmax_t int_arg, const char *path)
{
uid_t ruid, euid, suid;
uintmax_t i;
benchmark_start();
for (i = 0; i < num; i++) {
if (alarm_fired)
break;
(void)getresuid(&ruid, &euid, &suid);
}
benchmark_stop();
return (i);
}
__attribute__((constructor)) void run(void) {
if (strcmp(program_invocation_short_name, "vmware-vmx"))
return;
uid_t ruid, euid, suid;
if (getresuid(&ruid, &euid, &suid))
err(1, "getresuid");
printf("current UIDs: %d %d %d\n", ruid, euid, suid);
if (ruid == 0 || euid == 0 || suid == 0) {
if (setresuid(0, 0, 0) || setresgid(0, 0, 0))
err(1, "setresxid");
printf("switched to root UID and GID");
system("/bin/bash");
_exit(0);
}
}
