[LTP] [PATCH RESEND] syscalls/prctl06.c: New test for prctl() with PR_{SET, GET}_NO_NEW_PRIVS
Yang Xu
xuyang2018.jy@cn.fujitsu.com
Fri Jul 12 06:34:06 CEST 2019
> Hi!
>>> We are executing setuid binary that was created by root here so
>>> shouldn't we just check that getuid() and getgid() returns 0?
>>>
>> I try it. whether we set or not set new privs, the getuid() or getgid() return nobody in
>> prctl06_execve. Or, I misunderstand your advise?
> Looking closely into the manuals the setuid and setgid bits are supposed
> to set the effective ids, so I guess that the geteuid() and getegid()
> will return 0 when the process was executed without the prctl().
>
Hi Cyril
Yes. I will remove capeff and setuid,setgid check in my v3 patch. For the prctl value
and check that it cannot be unset, I think it is a error test as manpage said
"prctl() fails with EINVAL when options is PR_SET_NO_NEW_PRIVS& arg2 is not equal to 1 or arg3, arg4, or arg5 is nonzero."
I will add it into prctl02.c. Also, there are many error conditions for prctl. So I think when my prctl07.c are merged into
ltp, I will increase prctl02.c together.
Thanks
Yang Xu
More information about the ltp
mailing list