mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-08 18:31:03 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
apparmor/tests/regression/subdomain/ptrace.sh
Steve Beattie 92c9c8732d [This commit is taken from commits 6391, 6401, and 6402 of the internal tree.] 
tonyj:
- Verify long path (d_path) error checking. (6391)
- Better ptrace tests. (6401)
- Confined mount tests require cap_sys_admin to even get to the confined
  checks. (6402)
2006-05-19 16:50:17 +00:00

80 lines
2.6 KiB
Bash
Executable file
Raw Blame History

#! /bin/bash
# $Id$
# Copyright (C) 2002-2005 Novell/SUSE
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation, version 2 of the
# License.
#=NAME ptrace
#=DESCRIPTION
# Verify ptrace. The tracing process (attacher or parent of ptrace_me) may
# not be confined.
#
#=END
pwd=`dirname $0`
pwd=`cd $pwd ; /bin/pwd`
bin=$pwd
. $bin/prologue.inc
# Disabled tests:
# Tests 3b and 4b
# Read permission was required for a confined process to be able to be traced
# using ptrace. This stopped being required or functioning correctly
# somewhere between 2.4.18 and 2.4.20.
#
# Tests 10 and 11
# Requires a patch which prevents confined traced task from attempting exec.
# Unsure of usefulness of this. We are concerned about confined task being
# the tracer not the tracee
# Test Matrix:
# 1. unconfined parent, unconfined child, parent attaches PASS
# 2. unconfined parent, unconfined child, child requests tracing PASS
# 3a. unconfined parent, confined child (r), parent attaches PASS
# 4a. unconfined parent, confined child (r), child requests tracing PASS
# 3b. unconfined parent, confined child (!r), parent attaches FAIL
# 4b. unconfined parent, confined child (!r), child requests tracing FAIL
# 5. confined parent, unconfined child, parent attaches FAIL
# 6. confined parent, unconfined child, child requests tracing FAIL
# 7. confined parent, confined child, parent attaches FAIL
# 8. confined parent, confined child, child requests tracing FAIL
# 9. unconfined traced task attempts exec PASS
# 10. confined traced task attempts exec unconfined FAIL
# 11. confined traced task attempts exec confined FAIL
helper=$pwd/ptrace_helper
runchecktest "test 1" pass -n 100 /bin/true
runchecktest "test 2" pass -c -n 100 /bin/true
genprofile image=$helper
runchecktest "test 3a" pass -h -n 100 $helper
runchecktest "test 4a" pass -h -n 100 -c $helper
# lack of 'r' perm is currently not working
#genprofile image=ix$helper
#runchecktest "test 3b" pass -h -n 100 $helper
#runchecktest "test 4b" pass -h -n 100 -c $helper
genprofile $helper:ux
runchecktest "test 5" fail -h -n 100 $helper
runchecktest "test 6" fail -h -n 100 -c $helper
genprofile $helper:px -- image=$helper
runchecktest "test 7" fail -h -n 100 $helper
runchecktest "test 8" fail -h -n 100 -c $helper
genprofile image=/bin/true
runchecktest "test 9" pass -- /bin/bash -c /bin/true
#genprofile image=$helper /bin/true:ux
#runchecktest "test 10" fail -h -n 100 $helper /bin/true
#genprofile image=$helper /bin/true:rix
#runchecktest "test 11" fail -h -n 1000 $helper /bin/true
Reference in a new issue View git blame Copy permalink