1f08c3bdfSopenharmony_ci// SPDX-License-Identifier: GPL-2.0-or-later 2f08c3bdfSopenharmony_ci/* 3f08c3bdfSopenharmony_ci * Copyright (c) International Business Machines Corp., 2004 4f08c3bdfSopenharmony_ci * 07/2004 Written by Dan Jones 5f08c3bdfSopenharmony_ci * 07/2004 Ported to LTP format by Robbie Williamson 6f08c3bdfSopenharmony_ci * Copyright (c) 2019 Martin Doucha <mdoucha@suse.cz> 7f08c3bdfSopenharmony_ci */ 8f08c3bdfSopenharmony_ci 9f08c3bdfSopenharmony_ci/* 10f08c3bdfSopenharmony_ci * Test Description: 11f08c3bdfSopenharmony_ci * Make sure bind() of privileged port gives EACCESS error for non-root users. 12f08c3bdfSopenharmony_ci */ 13f08c3bdfSopenharmony_ci 14f08c3bdfSopenharmony_ci#include <string.h> 15f08c3bdfSopenharmony_ci#include <unistd.h> 16f08c3bdfSopenharmony_ci#include <pwd.h> 17f08c3bdfSopenharmony_ci#include <grp.h> 18f08c3bdfSopenharmony_ci 19f08c3bdfSopenharmony_ci#include <sys/types.h> 20f08c3bdfSopenharmony_ci#include <sys/socket.h> 21f08c3bdfSopenharmony_ci#include <netinet/in.h> 22f08c3bdfSopenharmony_ci 23f08c3bdfSopenharmony_ci#include "tst_test.h" 24f08c3bdfSopenharmony_ci 25f08c3bdfSopenharmony_ci/* This port needs to be a privileged port */ 26f08c3bdfSopenharmony_ci#define TCP_PRIVILEGED_PORT 463 27f08c3bdfSopenharmony_ci#define TEST_USERNAME "nobody" 28f08c3bdfSopenharmony_ci 29f08c3bdfSopenharmony_cistatic void run(void) 30f08c3bdfSopenharmony_ci{ 31f08c3bdfSopenharmony_ci struct sockaddr_in servaddr; 32f08c3bdfSopenharmony_ci int sockfd; 33f08c3bdfSopenharmony_ci 34f08c3bdfSopenharmony_ci sockfd = SAFE_SOCKET(AF_INET, SOCK_STREAM, 0); 35f08c3bdfSopenharmony_ci memset(&servaddr, 0, sizeof(servaddr)); 36f08c3bdfSopenharmony_ci servaddr.sin_family = AF_INET; 37f08c3bdfSopenharmony_ci servaddr.sin_port = htons(TCP_PRIVILEGED_PORT); 38f08c3bdfSopenharmony_ci servaddr.sin_addr.s_addr = htonl(INADDR_ANY); 39f08c3bdfSopenharmony_ci TST_EXP_FAIL(bind(sockfd, (struct sockaddr *)&servaddr, sizeof(servaddr)), 40f08c3bdfSopenharmony_ci EACCES, "bind()"); 41f08c3bdfSopenharmony_ci SAFE_CLOSE(sockfd); 42f08c3bdfSopenharmony_ci} 43f08c3bdfSopenharmony_ci 44f08c3bdfSopenharmony_cistatic void setup(void) 45f08c3bdfSopenharmony_ci{ 46f08c3bdfSopenharmony_ci struct passwd *pw; 47f08c3bdfSopenharmony_ci struct group *gr; 48f08c3bdfSopenharmony_ci 49f08c3bdfSopenharmony_ci pw = SAFE_GETPWNAM(TEST_USERNAME); 50f08c3bdfSopenharmony_ci gr = SAFE_GETGRGID(pw->pw_gid); 51f08c3bdfSopenharmony_ci 52f08c3bdfSopenharmony_ci tst_res(TINFO, "Switching credentials to user: %s, group: %s", 53f08c3bdfSopenharmony_ci pw->pw_name, gr->gr_name); 54f08c3bdfSopenharmony_ci SAFE_SETEGID(gr->gr_gid); 55f08c3bdfSopenharmony_ci SAFE_SETEUID(pw->pw_uid); 56f08c3bdfSopenharmony_ci} 57f08c3bdfSopenharmony_ci 58f08c3bdfSopenharmony_cistatic struct tst_test test = { 59f08c3bdfSopenharmony_ci .test_all = run, 60f08c3bdfSopenharmony_ci .needs_root = 1, 61f08c3bdfSopenharmony_ci .setup = setup, 62f08c3bdfSopenharmony_ci}; 63