{
if (getuid() == 0) {
/* process is running as root, drop privileges */
- if (setgid(5000) != 0)
+ if (setgid(APP_GID) != 0)
return 1;
- if (setuid(5000) != 0)
+ if (setuid(APP_UID) != 0)
return 1;
}
- int uid = getuid();
- if (uid == 5000)
+ uid_t uid = getuid();
+ if (uid == APP_UID)
return 0;
return 1;
RUNNER_ASSERT_MSG(smack_set_label_for_self("BialyMis") == 0, "Unable to set label for self");
RUNNER_ASSERT_MSG(smack_revoke_subject("BialyMis") == 0, "Error in smack_revoke_subject");
//drop privileges
- RUNNER_ASSERT_MSG(setuid(5000) == 0, "Unable to drop privileges");
+ RUNNER_ASSERT_MSG(setuid(APP_UID) == 0, "Unable to drop privileges");
//checking function
uid_t cookieUid;
RUNNER_ASSERT_MSG(smack_set_label_for_self("BialyMis") == 0, "Unable to set label for self");
RUNNER_ASSERT_MSG(apply_smack_rule("BialyMis", "security-server::api-cookie-check", "w") == 0, "Error in adding rule");
//drop privileges
- RUNNER_ASSERT_MSG(setuid(5000) == 0, "Unable to drop privileges");
+ RUNNER_ASSERT_MSG(setuid(APP_UID) == 0, "Unable to drop privileges");
//checking function
uid_t cookieUid;
RUNNER_ASSERT_MSG(retval == SECURITY_SERVER_API_SUCCESS, "Unable to get cookie");
//drop privileges
- RUNNER_ASSERT_MSG(setuid(5000) == 0, "Unable to drop privileges");
+ RUNNER_ASSERT_MSG(setuid(APP_UID) == 0, "Unable to drop privileges");
//checking function
uid_t cookieUid;
RUNNER_ASSERT_MSG(apply_smack_rule("BialyMis", "security-server::api-cookie-check", "w") == 0, "Error in adding rule");
RUNNER_ASSERT_MSG(apply_smack_rule("BialyMis", "security-server::api-cookie-get", "w") == 0, "Error in adding rule");
//drop privileges
- RUNNER_ASSERT_MSG(setuid(5000) == 0, "Unable to drop privileges");
+ RUNNER_ASSERT_MSG(setuid(APP_UID) == 0, "Unable to drop privileges");
std::vector<char> cookie(cookieSize);
int retval = security_server_request_cookie(&cookie[0], cookieSize);
RUNNER_ASSERT_MSG(cookieSize == 20, "Wrong cookie size");
//drop privileges
- RUNNER_ASSERT_MSG(setuid(5000) == 0, "Unable to drop privileges");
+ RUNNER_ASSERT_MSG(setuid(APP_UID) == 0, "Unable to drop privileges");
std::vector<char> cookie(cookieSize);
int retval = security_server_request_cookie(&cookie[0], cookieSize);
RUNNER_ASSERT_MSG(smack_set_label_for_self("BialyMis") == 0, "Unable to set label for self");
RUNNER_ASSERT_MSG(smack_revoke_subject("BialyMis") == 0, "Error in smack_revoke_subject");
//drop privileges
- RUNNER_ASSERT_MSG(setgid(5000) == 0, "Unable to drop privileges");
- RUNNER_ASSERT_MSG(setuid(5000) == 0, "Unable to drop privileges");
+ RUNNER_ASSERT_MSG(setgid(APP_GID) == 0, "Unable to drop privileges");
+ RUNNER_ASSERT_MSG(setuid(APP_UID) == 0, "Unable to drop privileges");
//checking function
gid_t cookieGid, realGid;
RUNNER_ASSERT_MSG(smack_set_label_for_self("BialyMis") == 0, "Unable to set label for self");
RUNNER_ASSERT_MSG(apply_smack_rule("BialyMis", "security-server::api-cookie-check", "w") == 0, "Error in adding rule");
//drop privileges
- RUNNER_ASSERT_MSG(setgid(5000) == 0, "Unable to drop privileges");
- RUNNER_ASSERT_MSG(setuid(5000) == 0, "Unable to drop privileges");
+ RUNNER_ASSERT_MSG(setgid(APP_GID) == 0, "Unable to drop privileges");
+ RUNNER_ASSERT_MSG(setuid(APP_UID) == 0, "Unable to drop privileges");
//checking function
gid_t cookieGid;
RUNNER_ASSERT_MSG(retval == SECURITY_SERVER_API_SUCCESS, "Unable to get cookie");
//drop privileges
- RUNNER_ASSERT_MSG(setgid(5000) == 0, "Unable to drop privileges");
- RUNNER_ASSERT_MSG(setuid(5000) == 0, "Unable to drop privileges");
+ RUNNER_ASSERT_MSG(setgid(APP_GID) == 0, "Unable to drop privileges");
+ RUNNER_ASSERT_MSG(setuid(APP_UID) == 0, "Unable to drop privileges");
//checking function
gid_t cookieGid;
RUNNER_ASSERT_MSG(apply_smack_rule("BialyMis", "security-server::api-cookie-check", "w") == 0, "Error in adding rule");
RUNNER_ASSERT_MSG(apply_smack_rule("BialyMis", "security-server::api-cookie-get", "w") == 0, "Error in adding rule");
//drop privileges
- RUNNER_ASSERT_MSG(setgid(5000) == 0, "Unable to drop privileges");
- RUNNER_ASSERT_MSG(setuid(5000) == 0, "Unable to drop privileges");
+ RUNNER_ASSERT_MSG(setgid(APP_GID) == 0, "Unable to drop privileges");
+ RUNNER_ASSERT_MSG(setuid(APP_UID) == 0, "Unable to drop privileges");
std::vector<char> cookie(cookieSize);
int retval = security_server_request_cookie(&cookie[0], cookieSize);
RUNNER_ASSERT_MSG(cookieSize == 20, "Wrong cookie size");
//drop privileges
- RUNNER_ASSERT_MSG(setgid(5000) == 0, "Unable to drop privileges");
- RUNNER_ASSERT_MSG(setuid(5000) == 0, "Unable to drop privileges");
+ RUNNER_ASSERT_MSG(setgid(APP_GID) == 0, "Unable to drop privileges");
+ RUNNER_ASSERT_MSG(setuid(APP_UID) == 0, "Unable to drop privileges");
std::vector<char> cookie(cookieSize);
int retval = security_server_request_cookie(&cookie[0], cookieSize);
{
if (getuid() == 0) {
/* process is running as root, drop privileges */
- if (setgid(5000) != 0)
+ if (setgid(APP_GID) != 0)
return 1;
- if (setuid(5000) != 0)
+ if (setuid(APP_UID) != 0)
return 1;
}
- int uid = getuid();
- if (uid == 5000)
+ uid_t uid = getuid();
+ if (uid == APP_UID)
return 0;
return 1;
RUNNER_TEST(tc_security_server_get_object_name_normal_case_trying_6001)
{
- ret = security_server_get_object_name(6001, obj_name, sizeof(obj_name));
+ ret = security_server_get_object_name(DB_ALARM_GID, obj_name, sizeof(obj_name));
SLOGD("Result: %s\n", obj_name);
RUNNER_ASSERT(ret == SECURITY_SERVER_API_SUCCESS);
}
RUNNER_TEST(tc_security_server_get_object_name_too_small_buffer_size)
{
- ret = security_server_get_object_name(6001, obj_name, 5);
+ ret = security_server_get_object_name(DB_ALARM_GID, obj_name, 5);
RUNNER_ASSERT(ret == SECURITY_SERVER_API_ERROR_BUFFER_TOO_SMALL);
}
int ret = -1;
const char *subject_allow = TEST05_SUBJECT;
size_t cookie_size = security_server_get_cookie_size();
- gid_t gid = 5000;
char cookie[20];
char *ss_label = NULL;
char object[SECURITY_SERVER_MAX_OBJ_NAME];
ret = security_server_check_privilege(cookie, ret);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret);
- ret = security_server_get_object_name(gid, object, sizeof(object));
+ ret = security_server_get_object_name(APP_GID, object, sizeof(object));
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret);
ret = security_server_get_gid("root");
int ret = -1;
const char *subject_denied = TEST06_SUBJECT;
size_t cookie_size = security_server_get_cookie_size();
- gid_t gid = 6001;
char cookie[20];
char *ss_label = NULL;
char object[SECURITY_SERVER_MAX_OBJ_NAME];
ret = security_server_request_cookie(cookie, cookie_size);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret);
- ret = security_server_check_privilege(cookie, gid);
+ ret = security_server_check_privilege(cookie, DB_ALARM_GID);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED, "ret: " << ret);
- ret = security_server_get_object_name(gid, object, sizeof(object));
+ ret = security_server_get_object_name(DB_ALARM_GID, object, sizeof(object));
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED, "ret: " << ret);
ret = security_server_get_gid("root");
{
int ret = -1;
size_t cookie_size = security_server_get_cookie_size();
- gid_t gid = 5000;
char cookie[20];
char* ss_label = NULL;
char object[SECURITY_SERVER_MAX_OBJ_NAME];
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS,
"check_privilege failed. Result: " << ret);
- ret = security_server_get_object_name(gid, object, sizeof(object));
+ ret = security_server_get_object_name(APP_GID, object, sizeof(object));
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS,
"get_object_name failed. Result: " << ret);