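# Copyright 2018 The Chromium OS Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.

# Control file for the security_ProcessManagementPolicy test. The upper-case
# names below are metadata for the test harness; the only executable step is
# the job.run_test() call at the bottom.

TIME = "SHORT"
AUTHOR = "The Chromium OS Authors"
DOC = """
Linux provides no way to give a process the CAP_SETUID runtime capability
without indiscriminately allowing that process to change UID to any user on the
system, including the root user. This is an obstacle to sandboxing system
services in ChromeOS that spawn programs which setuid() to a different user.
To solve this problem, we have added functionality to the ChromiumOS LSM which
allows for configuring per-UID policies in ChromeOS that restrict which UIDs
can be switched to by processes spawned under the restricted UID.
"""
NAME = "security_ProcessManagementPolicy"
PURPOSE = """
Prevent compromised non-root processes from being able to escalate
privileges to root through a simple setuid() call.
"""
# NOTE(review): the criteria are stated relative to "the security policy
# installed on the system", so a pass shows the policy is enforced, not that
# the policy itself is tight. Presumably the test body also asserts that a
# restricted UID cannot reach UID 0 -- confirm against the test
# implementation, which is not part of this file.
CRITERIA = """
This autotest ensures that restricted users can only setuid() to UIDs approved
by the security policy installed on the system.
"""
# Schedules the test in the bvt-perbuild suite.
ATTRIBUTES = "suite:bvt-perbuild"
TEST_CLASS = "security"
TEST_CATEGORY = "Functional"
TEST_TYPE = "client"
# NOTE(review): with retries enabled, a run that fails once and then passes
# is reported as a pass. For an enforcement check, a first-attempt failure is
# worth triaging rather than treating as flake -- confirm how retried results
# are surfaced.
JOB_RETRIES = 2

# `job` is not defined in this file; it is expected to be supplied by the
# harness that executes the control file.
job.run_test("security_ProcessManagementPolicy")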