Beispiel #1
0
func test9400(t *testing.T) {
	// We synchronize through a shared variable, so we need two procs
	defer runtime.GOMAXPROCS(runtime.GOMAXPROCS(2))

	// Start signaller
	atomic.StoreInt32(&issue9400.Baton, 0)
	go func() {
		// Wait for RewindAndSetgid
		for atomic.LoadInt32(&issue9400.Baton) == 0 {
			runtime.Gosched()
		}
		// Broadcast SIGSETXID
		runtime.LockOSThread()
		C.setgid(0)
		// Indicate that signalling is done
		atomic.StoreInt32(&issue9400.Baton, 0)
	}()

	// Grow the stack and put down a test pattern
	const pattern = 0x123456789abcdef
	var big [1024]uint64 // len must match assmebly
	for i := range big {
		big[i] = pattern
	}

	// Temporarily rewind the stack and trigger SIGSETXID
	issue9400.RewindAndSetgid()

	// Check test pattern
	for i := range big {
		if big[i] != pattern {
			t.Fatalf("entry %d of test pattern is wrong; %#x != %#x", i, big[i], uint64(pattern))
		}
	}
}
Beispiel #2
0
func changeUser(username string) error {
	currentUser, err := user.Current()
	if err != nil {
		return util.Errorf("Could not determine current user: %s", err)
	}

	uid, gid, err := p2_user.IDs(username)
	if err != nil {
		return util.Errorf("Could not retrieve uid/gid for %q: %s", username, err)
	}

	if strconv.Itoa(uid) == currentUser.Uid && strconv.Itoa(gid) == currentUser.Gid {
		return nil
	}

	userCstring := C.CString(username)
	defer C.free(unsafe.Pointer(userCstring))

	ret, err := C.initgroups(userCstring, C.__gid_t(gid))
	if ret != 0 && err != nil {
		return util.Errorf("Could not initgroups for %q (primary gid %v): %s", username, gid, err)
	}
	ret, err = C.setgid(C.__gid_t(gid))
	if ret != 0 && err != nil {
		return util.Errorf("Could not setgid %v: %s", gid, err)
	}
	ret, err = C.setuid(C.__uid_t(uid))
	if ret != 0 && err != nil {
		return util.Errorf("Could not setuid %v: %s", uid, err)
	}
	return nil
}
Beispiel #3
0
//Setgid set the gid to gid
func Setgid(gid int) error {
	ret, err := C.setgid(C.__gid_t(gid))
	if ret == C.int(0) {
		return nil
	}

	return err
}
Beispiel #4
0
func testSetgid(t *testing.T) {
	c := make(chan bool)
	go func() {
		C.setgid(0)
		c <- true
	}()
	select {
	case <-c:
	case <-time.After(5 * time.Second):
		t.Error("setgid hung")
	}
}
Beispiel #5
0
func runTestSetgid() bool {
	c := make(chan bool)
	go func() {
		C.setgid(0)
		c <- true
	}()
	select {
	case <-c:
		return true
	case <-time.After(5 * time.Second):
		return false
	}

}
Beispiel #6
0
func DropPrivileges(name string) {
	cname := C.CString(name)
	home := C.CString("HOME")
	slash := C.CString("/")
	defer C.cfree(unsafe.Pointer(home))
	defer C.cfree(unsafe.Pointer(cname))
	defer C.cfree(unsafe.Pointer(slash))
	cpw := C.getpwnam(cname)
	C.setgid(cpw.pw_gid)
	C.setuid(cpw.pw_uid)
	C.setenv(home, cpw.pw_dir, 1)
	C.setsid()
	C.chdir(slash)
	C.umask(022)
}
Beispiel #7
0
func changeUser(username string) error {
	uid, gid, err := user.IDs(username)
	if err != nil {
		return util.Errorf("Could not retrieve uid/gid for %q: %s", username, err)
	}

	userCstring := C.CString(username)
	defer C.free(unsafe.Pointer(userCstring))

	ret, err := C.initgroups(userCstring, C.int(gid))
	if ret != 0 && err != nil {
		return util.Errorf("Could not initgroups for %q (primary gid %v): %s", username, gid, err)
	}
	ret, err = C.setgid(C.gid_t(gid))
	if ret != 0 && err != nil {
		return util.Errorf("Could not setgid %v: %s", gid, err)
	}
	ret, err = C.setuid(C.uid_t(uid))
	if ret != 0 && err != nil {
		return util.Errorf("Could not setuid %v: %s", uid, err)
	}
	return nil
}