1 /* $OpenBSD: setegid.c,v 1.1 2014/08/27 07:36:14 blambert Exp $ */ 2 /* 3 * Written by Bret Stephen Lambert <blambert@openbsd.org> 2014 4 * Public Domain. 5 */ 6 7 #include <sys/types.h> 8 #include <sys/param.h> 9 #include <sys/proc.h> 10 #include <sys/sysctl.h> 11 #include <sys/wait.h> 12 13 #include <err.h> 14 #include <stdio.h> 15 #include <stdlib.h> 16 #include <pwd.h> 17 #include <unistd.h> 18 19 #include "setuid_regress.h" 20 21 int 22 main(int argc, const char *argv[]) 23 { 24 struct kinfo_proc kproc; 25 struct passwd *pw; 26 gid_t gid; 27 28 gid = getgid(); 29 30 if ((pw = getpwnam(_SETUID_REGRESS_USER)) == NULL) 31 err(1, "unknown user \"%s\"", _SETUID_REGRESS_USER); 32 33 if (setegid(pw->pw_gid) == -1) 34 err(1, "setegid 0"); 35 36 if (getegid() != pw->pw_gid) 37 errx(1, "mismatched effective gids"); 38 39 /* should only respond to setuid upon exec */ 40 if (issetugid()) 41 errx(1, "process incorrectly marked as issetugid()"); 42 43 if (read_kproc_pid(&kproc, getpid()) == -1) 44 err(1, "kproc read 0 failed"); 45 46 if (!(kproc.p_psflags & PS_SUGID)) 47 errx(1, "PS_SUGID not set"); 48 if (kproc.p_psflags & PS_SUGIDEXEC) 49 errx(1, "PS_SUGIDEXEC incorrectly set"); 50 51 /* at this point, we should be able to reset our gid */ 52 if (setegid(gid) == -1) 53 err(1, "setegid 1"); 54 55 if (read_kproc_pid(&kproc, getpid()) == -1) 56 err(1, "kproc read 0 failed"); 57 58 if (!(kproc.p_psflags & PS_SUGID)) 59 errx(1, "PS_SUGID not set"); 60 if (kproc.p_psflags & PS_SUGIDEXEC) 61 errx(1, "PS_SUGIDEXEC incorrectly set"); 62 63 exit(0); 64 } 65