1 files changed, 96 insertions, 0 deletions
diff --git a/images/basic/integrationtest/test_sticky.c b/images/basic/integrationtest/test_sticky.c
new file mode 100644
index 000000000..58dcf91d3
--- /dev/null
+++ b/images/basic/integrationtest/test_sticky.c
@@ -0,0 +1,96 @@
+#include <err.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <stdlib.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <sys/wait.h>
+#include <unistd.h>
+
+void createFile(const char* path) {
+  int fd = open(path, O_WRONLY | O_CREAT, 0777);
+  if (fd < 0) {
+    err(1, "open(%s)", path);
+    exit(1);
+  } else {
+    close(fd);
+  }
+}
+
+void waitAndCheckStatus(pid_t child) {
+  int status;
+  if (waitpid(child, &status, 0) == -1) {
+    err(1, "waitpid() failed");
+    exit(1);
+  }
+
+  if (WIFEXITED(status)) {
+    int es = WEXITSTATUS(status);
+    if (es) {
+      err(1, "child exit status %d", es);
+      exit(1);
+    }
+  } else {
+    err(1, "child did not exit normally");
+    exit(1);
+  }
+}
+
+void deleteFile(uid_t user, const char* path) {
+  pid_t child = fork();
+  if (child == 0) {
+    if (setuid(user)) {
+      err(1, "setuid(%d)", user);
+      exit(1);
+    }
+
+    if (unlink(path)) {
+      err(1, "unlink(%s)", path);
+      exit(1);
+    }
+    exit(0);
+  }
+  waitAndCheckStatus(child);
+}
+
+int main(int argc, char** argv) {
+  const char kUser1Dir[] = "/user1dir";
+  const char kUser2File[] = "/user1dir/user2file";
+  const char kUser2File2[] = "/user1dir/user2file2";
+
+  const uid_t user1 = 6666;
+  const uid_t user2 = 6667;
+
+  if (mkdir(kUser1Dir, 0755) != 0) {
+    err(1, "mkdir(%s)", kUser1Dir);
+    exit(1);
+  }
+  // Enable sticky bit for user1dir.
+  if (chmod(kUser1Dir, 01777) != 0) {
+    err(1, "chmod(%s)", kUser1Dir);
+    exit(1);
+  }
+  createFile(kUser2File);
+  createFile(kUser2File2);
+
+  if (chown(kUser1Dir, user1, getegid())) {
+    err(1, "chown(%s)", kUser1Dir);
+    exit(1);
+  }
+  if (chown(kUser2File, user2, getegid())) {
+    err(1, "chown(%s)", kUser2File);
+    exit(1);
+  }
+  if (chown(kUser2File2, user2, getegid())) {
+    err(1, "chown(%s)", kUser2File2);
+    exit(1);
+  }
+
+  // User1 should be able to delete any file inside user1dir, even files of
+  // other users due to the sticky bit.
+  deleteFile(user1, kUser2File);
+
+  // User2 should naturally be able to delete its own file even if the file is
+  // inside a sticky dir owned by someone else.
+  deleteFile(user2, kUser2File2);
+}