Date: Sun, 18 Sep 2005 17:27:05 GMT From: "Christian S.J. Peron" <csjp@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 83852 for review Message-ID: <200509181727.j8IHR5u2053821@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=83852 Change 83852 by csjp@csjp_xor on 2005/09/18 17:26:46 Add a test which attempts to use setextattr to get around the policy to manipulate checksum information. Affected files ... .. //depot/projects/trustedbsd/mac/tools/regression/mac/mac_chkexec/mac_chkexec.t#4 edit Differences ... ==== //depot/projects/trustedbsd/mac/tools/regression/mac/mac_chkexec/mac_chkexec.t#4 (text+ko) ==== @@ -11,7 +11,7 @@ sysctl security.mac.chkexec.enforce=0 rm -fr /tmp/prog.sh -echo "1..10" +echo "1..11" # # Make sure that we are dis-allowing the execution of programs which do @@ -142,3 +142,14 @@ else echo ok 10 fi + +# +# Attempt to set the EA using setextattr, this should fail when the policy +# is loaded. +# +setextattr system chkexec test /tmp/prog.sh +if [ $? -eq 0 ]; then + echo not ok 11 +else + echo ok 11 +fi
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200509181727.j8IHR5u2053821>