diff options
| author | Sadaf Ebrahimi <sadafebrahimi@google.com> | 2022-10-11 16:49:46 +0000 |
|---|---|---|
| committer | Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> | 2022-10-11 16:49:46 +0000 |
| commit | e61c65778b22599546e46eee12f857dd1c28f89e (patch) | |
| tree | acb9cff934a953665142b6e8821d628608a7e498 /progs/quicktest.sh | |
| parent | d61e648941c5542778ce2d8c0e593c2250fc1f43 (diff) | |
| parent | 060326df867468f0ae2cb0943a83831d9a08a86d (diff) | |
| download | libcap-e61c65778b22599546e46eee12f857dd1c28f89e.tar.gz | |
Upgrade libcap to libcap-2.53 am: fbfa21662e am: ebeee9aaa2 am: 060326df86android-14.0.0_r45android-14.0.0_r44android-14.0.0_r43android-14.0.0_r42android-14.0.0_r41android-14.0.0_r40android-14.0.0_r39android-14.0.0_r38android-14.0.0_r27android-14.0.0_r26android-14.0.0_r25android-14.0.0_r24android-14.0.0_r23android-14.0.0_r22android-14.0.0_r21android-14.0.0_r20android-14.0.0_r19android-14.0.0_r18android-14.0.0_r17android-14.0.0_r16aml_rkp_341510000aml_rkp_341311000aml_rkp_341114000aml_rkp_341015010aml_rkp_341012000aml_hef_341717050aml_hef_341613000aml_hef_341512030aml_hef_341415040aml_hef_341311010aml_hef_341114030aml_cfg_341510000android14-qpr1-s2-releaseandroid14-qpr1-releaseandroid14-mainline-healthfitness-releaseandroid14-devandroid14-d2-s5-releaseandroid14-d2-s4-releaseandroid14-d2-s3-releaseandroid14-d2-s2-releaseandroid14-d2-s1-releaseandroid14-d2-release
Original change: https://android-review.googlesource.com/c/platform/external/libcap/+/2247493
Change-Id: Ibcfc4548c618bebf075ebcf5613e859ad8c75de5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
Diffstat (limited to 'progs/quicktest.sh')
| -rwxr-xr-x | progs/quicktest.sh | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/progs/quicktest.sh b/progs/quicktest.sh index 6aa2598..ba64ab5 100755 --- a/progs/quicktest.sh +++ b/progs/quicktest.sh @@ -1,7 +1,7 @@ #!/bin/bash # # Run through a series of tests to try out the various capability -# manipulations posible through exec. +# manipulations possible through exec. # # [Run this as root in a root-enabled process tree.] @@ -43,6 +43,7 @@ pass_capsh () { } pass_capsh --print +pass_capsh --current # Validate that PATH expansion works PATH=$(/bin/pwd)/junk:$(/bin/pwd) capsh == == == --modes @@ -89,7 +90,7 @@ pass_capsh --keep=0 --keep=1 --keep=0 --keep=1 --print /bin/chmod u+s tcapsh /bin/ls -l tcapsh -# leverage keep caps to maintain capabilities accross a change of euid +# leverage keep caps to maintain capabilities across a change of euid # from setuid root to capable luser (as per wireshark/dumpcap 0.99.7) # This test is subtle. It is testing that a change to self, dropping # euid=0 back to that of the luser keeps capabilities. @@ -204,7 +205,7 @@ EOF # Next force the privileged binary to have an empty capability set. # This is sort of the opposite of privileged - it should ensure that - # the file can never aquire privilege by the ambient method. + # the file can never acquire privilege by the ambient method. ./setcap = ./privileged fail_capsh --keep=1 --uid=$nouid --inh=cap_setuid --addamb=cap_setuid -- -c "./privileged --print --uid=1" @@ -259,4 +260,11 @@ else fi rm -f compare-cap +echo "attempt to exploit kernel bug" +./uns_test +if [ $? -ne 0 ]; then + echo "upgrade your kernel" + exit 1 +fi + echo "ALL TESTS PASSED!" |