PERFORCE change 83852 for review
Christian S.J. Peron
csjp at FreeBSD.org
Sun Sep 18 17:27:05 GMT 2005
http://perforce.freebsd.org/chv.cgi?CH=83852
Change 83852 by csjp at csjp_xor on 2005/09/18 17:26:46
Add a test which attempts to use setextattr to get around the policy
to manipulate checksum information.
Affected files ...
.. //depot/projects/trustedbsd/mac/tools/regression/mac/mac_chkexec/mac_chkexec.t#4 edit
Differences ...
==== //depot/projects/trustedbsd/mac/tools/regression/mac/mac_chkexec/mac_chkexec.t#4 (text+ko) ====
@@ -11,7 +11,7 @@
sysctl security.mac.chkexec.enforce=0
rm -fr /tmp/prog.sh
-echo "1..10"
+echo "1..11"
#
# Make sure that we are dis-allowing the execution of programs which do
@@ -142,3 +142,14 @@
else
echo ok 10
fi
+
+#
+# Attempt to set the EA using setextattr, this should fail when the policy
+# is loaded.
+#
+setextattr system chkexec test /tmp/prog.sh
+if [ $? -eq 0 ]; then
+ echo not ok 11
+else
+ echo ok 11
+fi
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message
More information about the trustedbsd-cvs
mailing list