| 1 | /*
|
|---|
| 2 | Unix SMB/Netbios implementation.
|
|---|
| 3 | Version 1.9.
|
|---|
| 4 | Security context tests
|
|---|
| 5 | Copyright (C) Tim Potter 2000
|
|---|
| 6 |
|
|---|
| 7 | This program is free software; you can redistribute it and/or modify
|
|---|
| 8 | it under the terms of the GNU General Public License as published by
|
|---|
| 9 | the Free Software Foundation; either version 2 of the License, or
|
|---|
| 10 | (at your option) any later version.
|
|---|
| 11 |
|
|---|
| 12 | This program is distributed in the hope that it will be useful,
|
|---|
| 13 | but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|---|
| 14 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|---|
| 15 | GNU General Public License for more details.
|
|---|
| 16 |
|
|---|
| 17 | You should have received a copy of the GNU General Public License
|
|---|
| 18 | along with this program; if not, write to the Free Software
|
|---|
| 19 | Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
|---|
| 20 | */
|
|---|
| 21 |
|
|---|
| 22 | #include "includes.h"
|
|---|
| 23 | #include "se_access_check_utils.h"
|
|---|
| 24 |
|
|---|
| 25 | /* Globals */
|
|---|
| 26 |
|
|---|
| 27 | BOOL failed;
|
|---|
| 28 |
|
|---|
| 29 | /* Check that access is always allowed for a NULL security descriptor */
|
|---|
| 30 |
|
|---|
| 31 | BOOL nullsd_check(struct passwd *pw, int ngroups, gid_t *groups)
|
|---|
| 32 | {
|
|---|
| 33 | uint32 acc_granted, status;
|
|---|
| 34 | BOOL result;
|
|---|
| 35 |
|
|---|
| 36 | result = se_access_check(NULL, pw->pw_uid, pw->pw_gid,
|
|---|
| 37 | ngroups, groups,
|
|---|
| 38 | SEC_RIGHTS_MAXIMUM_ALLOWED,
|
|---|
| 39 | &acc_granted, &status);
|
|---|
| 40 |
|
|---|
| 41 | if (!result || status != NT_STATUS_NO_PROBLEMO ||
|
|---|
| 42 | acc_granted != SEC_RIGHTS_MAXIMUM_ALLOWED) {
|
|---|
| 43 | printf("FAIL: null se_access_check %d/%d\n",
|
|---|
| 44 | pw->pw_uid, pw->pw_gid);
|
|---|
| 45 | failed = True;
|
|---|
| 46 | }
|
|---|
| 47 |
|
|---|
| 48 | printf("access check passed for user %s (%d/%d)\n",
|
|---|
| 49 | pw->pw_name, pw->pw_uid, pw->pw_gid);
|
|---|
| 50 |
|
|---|
| 51 | return True;
|
|---|
| 52 | }
|
|---|
| 53 |
|
|---|
| 54 | /* Main function */
|
|---|
| 55 |
|
|---|
| 56 | int main(int argc, char **argv)
|
|---|
| 57 | {
|
|---|
| 58 | /* Initialisation */
|
|---|
| 59 |
|
|---|
| 60 | generate_wellknown_sids();
|
|---|
| 61 |
|
|---|
| 62 | /* Run test */
|
|---|
| 63 |
|
|---|
| 64 | visit_pwdb(nullsd_check);
|
|---|
| 65 |
|
|---|
| 66 | /* Return */
|
|---|
| 67 |
|
|---|
| 68 | if (!failed) {
|
|---|
| 69 | printf("PASS\n");
|
|---|
| 70 | return 0;
|
|---|
| 71 | }
|
|---|
| 72 |
|
|---|
| 73 | return 1;
|
|---|
| 74 | }
|
|---|
