#include <err.h>
#include <errno.h>
#include <fcntl.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

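// Makes sure a file exists at `path`: opens it for writing, creating it if
// necessary, and closes the descriptor again without writing anything.
//
// O_CREAT is used without O_EXCL, so an already existing file at `path` is
// opened rather than rejected. The requested mode 0777 is still filtered by
// the process umask.
//
// Does not return on failure: err() prints the errno text and exits with
// status 1.
void createFile(const char* path) {
  int fd = open(path, O_WRONLY | O_CREAT, 0777);
  if (fd < 0) {
    err(1, "open(%s)", path);
  }
  // A failing close() is reported too instead of being dropped silently.
  if (close(fd) != 0) {
    err(1, "close(%s)", path);
  }
}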

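// Blocks until `child` terminates and requires that it exited normally with
// status 0. Any other outcome terminates the calling process with status 1.
//
// Only the waitpid() failure is reported with err(), because that is the only
// case where errno describes the problem. The other two cases use errx() so
// that no unrelated errno text is appended to the message.
void waitAndCheckStatus(pid_t child) {
  int status;
  if (waitpid(child, &status, 0) == -1) {
    err(1, "waitpid() failed");
  }

  // Killed by a signal (or otherwise not a normal exit): treat as failure.
  if (!WIFEXITED(status)) {
    errx(1, "child did not exit normally");
  }

  int es = WEXITSTATUS(status);
  if (es != 0) {
    errx(1, "child exit status %d", es);
  }
}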

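// Unlinks `path` while running as `user`, and fails the whole program if that
// does not succeed.
//
// The identity switch happens in a forked child, so the parent keeps its own
// credentials and can call this again for a different user. Only setuid() is
// called: the child's group ID and supplementary groups stay whatever the
// parent had, so the check exercised here is about the user ID alone.
//
// The child exits 0 after a successful unlink(), or 1 via err() if setuid() or
// unlink() fails. The parent then checks that status with
// waitAndCheckStatus().
void deleteFile(uid_t user, const char* path) {
  pid_t child = fork();
  if (child < 0) {
    // Without this check, -1 would be handed to waitpid(), which means
    // "any child" there and would produce a misleading error.
    err(1, "fork()");
  }
  if (child == 0) {
    if (setuid(user) != 0) {
      // uid_t is unsigned; cast so the format specifier matches the argument.
      err(1, "setuid(%lu)", (unsigned long)user);
    }

    if (unlink(path) != 0) {
      err(1, "unlink(%s)", path);
    }
    exit(0);
  }
  waitAndCheckStatus(child);
}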

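// Integration test for unlink() inside a sticky directory.
//
// Layout built below:
//   /user1dir             mode 01777, owned by user1
//   /user1dir/user2file   owned by user2
//   /user1dir/user2file2  owned by user2
//
// Two deletions must succeed: the directory owner removing another user's
// file, and a file owner removing its own file. Every setup or deletion
// failure ends the program with status 1 through err().
//
// The chown() and setuid() calls mean this has to run with enough privilege
// to change ownership and switch to arbitrary user IDs.
//
// NOTE(review): only the "allowed" outcomes are checked. There is no case in
// which a user who owns neither the directory nor the file is expected to be
// refused, so this program would presumably also pass if the sticky bit were
// ignored on a world-writable directory. Consider a companion denial case.
int main(int argc, char** argv) {
  (void)argc;
  (void)argv;

  const char kUser1Dir[] = "/user1dir";
  const char kUser2File[] = "/user1dir/user2file";
  const char kUser2File2[] = "/user1dir/user2file2";

  const uid_t user1 = 6666;
  const uid_t user2 = 6667;

  // mkdir() fails if the directory already exists, so the test starts from a
  // directory it created itself.
  if (mkdir(kUser1Dir, 0755) != 0) {
    err(1, "mkdir(%s)", kUser1Dir);
  }
  // Enable sticky bit for user1dir. The 0777 part gives every user write and
  // search permission, so whether an unlink() is allowed is decided by the
  // sticky-bit ownership rule rather than by plain directory permissions.
  if (chmod(kUser1Dir, 01777) != 0) {
    err(1, "chmod(%s)", kUser1Dir);
  }
  createFile(kUser2File);
  createFile(kUser2File2);

  // Hand out ownership only after the files exist; the group is left as the
  // caller's effective group in all three cases.
  if (chown(kUser1Dir, user1, getegid()) != 0) {
    err(1, "chown(%s)", kUser1Dir);
  }
  if (chown(kUser2File, user2, getegid()) != 0) {
    err(1, "chown(%s)", kUser2File);
  }
  if (chown(kUser2File2, user2, getegid()) != 0) {
    err(1, "chown(%s)", kUser2File2);
  }

  // user1 owns the sticky directory, so it must be able to delete any file
  // inside it, including user2's: the sticky restriction exempts the
  // directory owner.
  deleteFile(user1, kUser2File);

  // user2 must be able to delete its own file even though the sticky
  // directory it lives in belongs to someone else.
  deleteFile(user2, kUser2File2);

  return 0;
}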