cvs commit: src/tools/regression/priv Makefile main.c main.h
priv_acct.c priv_adjtime.c priv_audit_control.c
priv_audit_getaudit.c priv_audit_setaudit.c priv_audit_submit.c
priv_clock_settime.c priv_cred.c priv_io.c priv_kenv_set.c ...
Robert Watson
rwatson at FreeBSD.org
Sun Sep 9 16:08:40 PDT 2007
rwatson 2007-09-09 23:08:40 UTC
FreeBSD src repository
Modified files:
tools/regression/priv Makefile main.c main.h priv_acct.c
priv_adjtime.c priv_clock_settime.c
priv_io.c priv_kenv_set.c
priv_kenv_unset.c priv_proc_setlogin.c
priv_proc_setrlimit.c
priv_sched_rtprio.c
priv_sched_setpriority.c
priv_settimeofday.c priv_sysctl_write.c
priv_vfs_chown.c priv_vfs_chroot.c
priv_vfs_clearsugid.c
priv_vfs_extattr_system.c
priv_vfs_fhopen.c priv_vfs_fhstat.c
priv_vfs_fhstatfs.c
priv_vfs_generation.c priv_vfs_getfh.c
priv_vfs_read_write.c priv_vfs_setgid.c
priv_vfs_stickyfile.c
priv_vm_madv_protect.c priv_vm_mlock.c
priv_vm_munlock.c
Added files:
tools/regression/priv priv_audit_control.c
priv_audit_getaudit.c
priv_audit_setaudit.c
priv_audit_submit.c priv_cred.c
priv_msgbuf.c priv_netinet_raw.c
priv_vfs_chflags.c priv_vfs_chmod.c
priv_vfs_utimes.c
Removed files:
tools/regression/priv priv_vfs_admin.c test_utimes.c
Log:
Enhance and expand kernel privilege regression tests in support of
work present in FreeBSD 7.0 to refine the kernel privilege model:
- Introduce support for jail as a testing variable, in order to
confirm that privileges are properly restricted in the jail
environment.
- Restructure overall testing approach so that privilege and jail
conditions are set in the testing infrastructure before tests
are invoked, and done so in a custom-created process to isolate
the impact of tests from each other in a more consistent way.
- Tests now provide setup and cleanup hooks that occur before and
after the test runs.
- New privilege tests are now present for several audit
privileges, several credential management privileges, dmesg
buffer reading privilege, and netinet raw socket creation.
- Other existing tests are restructured and generally improved as
a result of better framework structure and jail as a variable.
For exampe, we now test that certain sysctls are writable only
outside jail, while others are writable within jail. On a
similar note, privileges relating to setting UFS file flags are
now better exercised, as with the right to chmod and utimes
files.
Approved by: re (bmah)
Obtained from: TrustedBSD Project
Revision Changes Path
1.2 +14 -6 src/tools/regression/priv/Makefile
1.2 +385 -72 src/tools/regression/priv/main.c
1.2 +261 -38 src/tools/regression/priv/main.h
1.2 +110 -110 src/tools/regression/priv/priv_acct.c
1.2 +35 -26 src/tools/regression/priv/priv_adjtime.c
1.1 +85 -0 src/tools/regression/priv/priv_audit_control.c (new)
1.1 +102 -0 src/tools/regression/priv/priv_audit_getaudit.c (new)
1.1 +109 -0 src/tools/regression/priv/priv_audit_setaudit.c (new)
1.1 +88 -0 src/tools/regression/priv/priv_audit_submit.c (new)
1.2 +33 -25 src/tools/regression/priv/priv_clock_settime.c
1.1 +208 -0 src/tools/regression/priv/priv_cred.c (new)
1.2 +46 -69 src/tools/regression/priv/priv_io.c
1.2 +26 -18 src/tools/regression/priv/priv_kenv_set.c
1.2 +27 -25 src/tools/regression/priv/priv_kenv_unset.c
1.1 +152 -0 src/tools/regression/priv/priv_msgbuf.c (new)
1.1 +82 -0 src/tools/regression/priv/priv_netinet_raw.c (new)
1.2 +40 -25 src/tools/regression/priv/priv_proc_setlogin.c
1.2 +114 -81 src/tools/regression/priv/priv_proc_setrlimit.c
1.2 +224 -129 src/tools/regression/priv/priv_sched_rtprio.c
1.2 +97 -87 src/tools/regression/priv/priv_sched_setpriority.c
1.2 +32 -25 src/tools/regression/priv/priv_settimeofday.c
1.2 +75 -36 src/tools/regression/priv/priv_sysctl_write.c
1.2 +0 -328 src/tools/regression/priv/priv_vfs_admin.c (dead)
1.1 +254 -0 src/tools/regression/priv/priv_vfs_chflags.c (new)
1.1 +146 -0 src/tools/regression/priv/priv_vfs_chmod.c (new)
1.2 +94 -100 src/tools/regression/priv/priv_vfs_chown.c
1.2 +23 -13 src/tools/regression/priv/priv_vfs_chroot.c
1.2 +73 -136 src/tools/regression/priv/priv_vfs_clearsugid.c
1.2 +44 -34 src/tools/regression/priv/priv_vfs_extattr_system.c
1.2 +42 -37 src/tools/regression/priv/priv_vfs_fhopen.c
1.2 +38 -36 src/tools/regression/priv/priv_vfs_fhstat.c
1.2 +41 -37 src/tools/regression/priv/priv_vfs_fhstatfs.c
1.2 +62 -55 src/tools/regression/priv/priv_vfs_generation.c
1.2 +27 -26 src/tools/regression/priv/priv_vfs_getfh.c
1.2 +182 -293 src/tools/regression/priv/priv_vfs_read_write.c
1.2 +61 -83 src/tools/regression/priv/priv_vfs_setgid.c
1.2 +135 -81 src/tools/regression/priv/priv_vfs_stickyfile.c
1.1 +224 -0 src/tools/regression/priv/priv_vfs_utimes.c (new)
1.2 +25 -13 src/tools/regression/priv/priv_vm_madv_protect.c
1.2 +22 -13 src/tools/regression/priv/priv_vm_mlock.c
1.2 +23 -13 src/tools/regression/priv/priv_vm_munlock.c
1.2 +0 -153 src/tools/regression/priv/test_utimes.c (dead)
More information about the cvs-src
mailing list