On Sun, Nov 06, 2016 at 11:56:31PM +0700, Robert Elz wrote:
> Date: Sun, 6 Nov 2016 16:24:16 +0000
> From: "Kamil Rytarowski" <ka...@netbsd.org>
> Message-ID: <20161106162416.95d77f...@cvs.netbsd.org>
>
> | assert_pid1 asserts that non-root user cannot attach to PID 1 as it is the
> | /dev/init process. This tests is skipped if run as root.
>
> There's no need to skip it, just
>
> child=fork(); /* err if -1 */
> if (child == 0) {
> (void)setuid(10);
> if (ptrace(.....) < 0)
> _exit(errno);
> else
> _exit(0);
> }
> waitpid(child, &status, 0);
> /* and check status */
>
> If you're root, the setuid() works, and the child isn't root any more.
> if you happened to be uid(10), the setuid() is a no-op, if you were some
> other user the setuid() fails, but you don't care.
Or use dedicated ATF properties :
atf_tc_set_md_var(tc, "require.user", "unprivileged");
Documented in atf-test-case(4).
--
Nicolas Joly
Cluster & Computing Group
Biology IT Center
Institut Pasteur, Paris.
