32 lines
1.2 KiB
Plaintext
32 lines
1.2 KiB
Plaintext
# Copyright 2018 The Chromium OS Authors. All rights reserved.
|
|
# Use of this source code is governed by a BSD-style license that can be
|
|
# found in the LICENSE file.
|
|
|
|
TIME="SHORT"
|
|
AUTHOR = "The Chromium OS Authors"
|
|
DOC = """
|
|
Linux provides no way to give a process the CAP_SETUID runtime capability
|
|
without indescriminately allowing that process to change UID to any user on the
|
|
system, including the root user. This is an obstacle to sandboxing system
|
|
services in ChromeOS that spawn programs which setuid() to a different user.
|
|
To solve this problem, we have added functionality to the ChromiumOS LSM which
|
|
allows for configuring per-UID policies in ChromeOS that restrict which UIDs
|
|
can be switched to by processes spawned under the restricted UID.
|
|
"""
|
|
NAME = "security_ProcessManagementPolicy"
|
|
PURPOSE = """
|
|
Prevent compromised non-root processes from being able to escalate
|
|
privileges to root through a simple setuid() call.
|
|
"""
|
|
CRITERIA = """
|
|
This autotest ensures that restricted users can only setuid() to UIDs approved
|
|
by the security policy installed on the system.
|
|
"""
|
|
ATTRIBUTES = "suite:bvt-perbuild"
|
|
TEST_CLASS = "security"
|
|
TEST_CATEGORY = "Functional"
|
|
TEST_TYPE = "client"
|
|
JOB_RETRIES = 2
|
|
|
|
job.run_test("security_ProcessManagementPolicy")
|