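# Copyright 2018 The Chromium OS Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.

# Autotest control file for security_ProcessManagementPolicy. The upper-case
# names are test metadata; the job.run_test() call at the end starts the test.

TIME = "SHORT"
AUTHOR = "The Chromium OS Authors"
DOC = """
Linux provides no way to give a process the CAP_SETUID runtime capability
without indiscriminately allowing that process to change UID to any user on the
system, including the root user. This is an obstacle to sandboxing system
services in ChromeOS that spawn programs which setuid() to a different user.
To solve this problem, we have added functionality to the ChromiumOS LSM which
allows for configuring per-UID policies in ChromeOS that restrict which UIDs
can be switched to by processes spawned under the restricted UID.
"""
NAME = "security_ProcessManagementPolicy"
PURPOSE = """
Prevent compromised non-root processes from being able to escalate
privileges to root through a simple setuid() call.
"""
# NOTE(review): the test body is not part of this file. Confirm that it checks
# both directions: a transition the policy approves succeeds, and one it does
# not approve is refused. Otherwise a policy that is missing or not loaded
# could go unnoticed.
CRITERIA = """
This autotest ensures that restricted users can only setuid() to UIDs approved
by the security policy installed on the system.
"""
# Scheduled with the per-build BVT suite, so a regression in the setuid
# restriction is reported against the build that introduced it.
ATTRIBUTES = "suite:bvt-perbuild"
TEST_CLASS = "security"
TEST_CATEGORY = "Functional"
TEST_TYPE = "client"
# NOTE(review): with retries enabled, a run that fails once and then passes may
# be reported as a pass. For a privilege-separation check, an intermittent
# failure is worth triaging in its own right; confirm that retried failures
# remain visible in the results.
JOB_RETRIES = 2

# `job` is not defined in this file; the autotest harness is expected to
# provide it when it executes the control file.
job.run_test("security_ProcessManagementPolicy")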