From 2120c040f0b2bf6b090de3797282bdb1b2d47d79 Mon Sep 17 00:00:00 2001 From: Tim Shimmin Date: Wed, 18 Aug 2004 09:29:50 +0000 Subject: [PATCH] Do more testing for the EA/CAP removal on write bug. Do more testing for the EA/CAP removal on write bug. --- 093 | 59 +++++++++++++++++++++++++++++++++++ 093.out | Bin 244 -> 917 bytes src/Makefile | 2 +- src/writemod.c | 81 +++++++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 141 insertions(+), 1 deletion(-) create mode 100644 src/writemod.c diff --git a/093 b/093 index 89b114bd..72397da4 100755 --- a/093 +++ b/093 @@ -65,6 +65,11 @@ _testfilter() sed -e "s#$testdir#TESTDIR#g" } +_filefilter() +{ + sed -e "s#$tmp##" -e "s#$file#file#" +} + # real QA test starts here _supported_fs xfs udf _supported_os IRIX @@ -105,13 +110,67 @@ $tmp.append echo "ls -P on file" ls -P $file | _testfilter +echo "cat file" +echo "----" +cat $file +echo "----" + echo "append to file as user without caps" # in particular user doesn't have FSETID or SETFCAP $runas -u $uid $tmp.append +echo "cat file" +echo "----" +cat $file +echo "----" + +echo "ls -P on file" +ls -P $file | _testfilter + +# try again when it doesn't have the EA +echo "append to file as user without caps a 2nd time" +$runas -u $uid $tmp.append + echo "ls -P on file" ls -P $file | _testfilter +echo "cat file" +echo "----" +cat $file +echo "----" + +echo "only let root write to file" +chmod 700 $file +chown root $file + +echo "as non-root try to append to file" +$runas -u $uid $tmp.append 2>&1 | _filefilter + +echo "restore perms on file" +chmod 777 $file + +echo "set a root EA on file" +attr -R -s test -V testval $file | _filefilter + +echo "list EA on file" +attr -R -l $file | _filefilter + +echo "as non-root try to append to file" +$runas -u $uid $tmp.append 2>&1 | _filefilter + +echo "list EA on file" +attr -R -l $file | _filefilter + +chown $uid $file +chmod ugo+w $testdir +echo "as non-root call writemod" +$runas -u $uid src/writemod $file 2>&1 | _filefilter + +echo "cat file" +echo "----" +cat $file +echo "----" + # success, all done status=0 exit diff --git a/093.out b/093.out index 2f57e0752eb86a3589d5329a07c46ede6f503eed..0113a48ca00c2637080cbaa3bcf9bb5cc90dd473 100644 GIT binary patch literal 917 zcmb_b!A=4(5cS-znC#Vn1`iuaJP;(&i=vWvAcU0NA={+eZrWK0fA6$a2m+#sd+JQ5 zGw;25`!WFAQqvL?4kcj;iw#`g-UvaqEh<Nm9hq;eghogSDcH z*#V>X;>g=wgL6=haX1(O5_*BAs_`th*-1P*P}b-TXr!nXteqnK(onF5#+pvh5y)*q zeqRL9P4Toh>qpJ{EQ2vzo)+DQF}hlLuXwK|8il2B=*c>ShHw0K!=4eygki*P`ELZ8t_03lV>$J^xk;_{QNya`JBRANmR_wg3PC delta 19 bcmbQr{)KVEx{0YmldTyACsr#m#c}}vN+JeM diff --git a/src/Makefile b/src/Makefile index e8a8998a..e2e5ad7e 100644 --- a/src/Makefile +++ b/src/Makefile @@ -37,7 +37,7 @@ TARGETS = dirstress fill fill2 getpagesize holes lstat64 \ nametest permname randholes runas truncfile usemem \ mmapcat append_reader append_writer dirperf metaperf \ devzero feature alloc fault fstest t_access_root \ - godown resvtest + godown resvtest writemod LINUX_TARGETS = loggen xfsctl bstat t_mtab diff --git a/src/writemod.c b/src/writemod.c new file mode 100644 index 00000000..bb6d434c --- /dev/null +++ b/src/writemod.c @@ -0,0 +1,81 @@ +/* + * Copyright (c) 2004 Silicon Graphics, Inc. All Rights Reserved. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of version 2 of the GNU General Public License as + * published by the Free Software Foundation. + * + * This program is distributed in the hope that it would be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + * + * Further, this software is distributed without any warranty that it is + * free of the rightful claim of any third person regarding infringement + * or the like. Any license provided herein, whether implied or + * otherwise, applies only to this software file. Patent licenses, if + * any, provided herein do not apply to combinations of this program with + * other software, or any other product whatsoever. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write the Free Software Foundation, Inc., 59 + * Temple Place - Suite 330, Boston MA 02111-1307, USA. + * + * Contact information: Silicon Graphics, Inc., 1600 Amphitheatre Pkwy, + * Mountain View, CA 94043, or: + * + * http://www.sgi.com + * + * For further information regarding this notice, see: + * + * http://oss.sgi.com/projects/GenInfo/SGIGPLNoticeExplan/ + */ + +/* + * tests out if access checking is done on write path + * 1. opens with write perms + * 2. fchmod to turn off write perms + * 3. writes to file + */ + +#include +#include +#include +#include +#include + +int +main(int argc, char* argv[]) +{ + char *path; + int fd; + char *buf = "hi there"; + ssize_t x; + int sts; + + if (argc != 2) { + fprintf(stderr, "%s: requires path argument\n", argv[0]); + return 1; + } + + path = argv[1]; + + printf("open for write \"%s\" with 777\n", path); + fd = open(path, O_RDWR, 0777); + if (fd == -1) { + perror("open"); + return 1; + } + printf("remove perms on file\n"); + sts = fchmod(fd, 0); + if (sts == -1) { + perror("fchmod"); + return 1; + } + printf("write to the file\n"); + x = write(fd, buf, strlen(buf)+1); + if (x == -1) { + perror("write"); + return 1; + } + return 0; +} -- 2.30.2