head	1.3;
access;
symbols
	RELENG_8_4:1.3.0.2
	RELENG_9_1_0_RELEASE:1.2.42.1.4.2
	RELENG_9_1:1.2.42.1.0.4
	RELENG_9_1_BP:1.2.42.1
	RELENG_8_3_0_RELEASE:1.2.36.1.8.1
	RELENG_8_3:1.2.36.1.0.8
	RELENG_8_3_BP:1.2.36.1
	RELENG_9_0_0_RELEASE:1.2.42.1.2.1
	RELENG_9_0:1.2.42.1.0.2
	RELENG_9_0_BP:1.2.42.1
	RELENG_9:1.2.0.42
	RELENG_9_BP:1.2
	RELENG_7_4_0_RELEASE:1.2.40.1
	RELENG_8_2_0_RELEASE:1.2.36.1.6.1
	RELENG_7_4:1.2.0.40
	RELENG_7_4_BP:1.2
	RELENG_8_2:1.2.36.1.0.6
	RELENG_8_2_BP:1.2.36.1
	RELENG_8_1_0_RELEASE:1.2.36.1.4.1
	RELENG_8_1:1.2.36.1.0.4
	RELENG_8_1_BP:1.2.36.1
	RELENG_7_3_0_RELEASE:1.2.38.1
	RELENG_7_3:1.2.0.38
	RELENG_7_3_BP:1.2
	RELENG_8_0_0_RELEASE:1.2.36.1.2.1
	RELENG_8_0:1.2.36.1.0.2
	RELENG_8_0_BP:1.2.36.1
	RELENG_8:1.2.0.36
	RELENG_8_BP:1.2
	RELENG_7_2_0_RELEASE:1.2.34.1
	RELENG_7_2:1.2.0.34
	RELENG_7_2_BP:1.2
	RELENG_7_1_0_RELEASE:1.2.32.1
	RELENG_6_4_0_RELEASE:1.2.30.1
	RELENG_7_1:1.2.0.32
	RELENG_7_1_BP:1.2
	RELENG_6_4:1.2.0.30
	RELENG_6_4_BP:1.2
	RELENG_7_0_0_RELEASE:1.2
	RELENG_6_3_0_RELEASE:1.2
	RELENG_7_0:1.2.0.28
	RELENG_7_0_BP:1.2
	RELENG_6_3:1.2.0.26
	RELENG_6_3_BP:1.2
	RELENG_7:1.2.0.24
	RELENG_7_BP:1.2
	RELENG_6_2_0_RELEASE:1.2
	RELENG_6_2:1.2.0.22
	RELENG_6_2_BP:1.2
	RELENG_5_5_0_RELEASE:1.2
	RELENG_5_5:1.2.0.20
	RELENG_5_5_BP:1.2
	RELENG_6_1_0_RELEASE:1.2
	RELENG_6_1:1.2.0.18
	RELENG_6_1_BP:1.2
	RELENG_6_0_0_RELEASE:1.2
	RELENG_6_0:1.2.0.16
	RELENG_6_0_BP:1.2
	RELENG_6:1.2.0.14
	RELENG_6_BP:1.2
	RELENG_5_4_0_RELEASE:1.2
	RELENG_5_4:1.2.0.12
	RELENG_5_4_BP:1.2
	RELENG_5_3_0_RELEASE:1.2
	RELENG_5_3:1.2.0.10
	RELENG_5_3_BP:1.2
	RELENG_5:1.2.0.8
	RELENG_5_BP:1.2
	RELENG_5_2_1_RELEASE:1.2
	RELENG_5_2_0_RELEASE:1.2
	RELENG_5_2:1.2.0.6
	RELENG_5_2_BP:1.2
	RELENG_5_1_0_RELEASE:1.2
	RELENG_5_1:1.2.0.4
	RELENG_5_1_BP:1.2
	RELENG_5_0_0_RELEASE:1.2
	RELENG_5_0:1.2.0.2
	RELENG_5_0_BP:1.2;
locks; strict;
comment	@# @;


1.3
date	2012.11.17.01.53.56;	author svnexp;	state Exp;
branches
	1.3.2.1;
next	1.2;

1.2
date	2001.04.12.17.46.20;	author rwatson;	state Exp;
branches
	1.2.14.1
	1.2.24.1
	1.2.30.1
	1.2.32.1
	1.2.34.1
	1.2.36.1
	1.2.38.1
	1.2.40.1
	1.2.42.1;
next	1.1;

1.1
date	2001.04.11.17.21.14;	author rwatson;	state Exp;
branches;
next	;

1.3.2.1
date	2012.11.17.01.53.56;	author svnexp;	state dead;
branches;
next	1.3.2.2;

1.3.2.2
date	2013.03.28.13.05.53;	author svnexp;	state Exp;
branches;
next	;

1.2.14.1
date	2012.11.17.07.45.24;	author svnexp;	state Exp;
branches;
next	;

1.2.24.1
date	2012.11.17.08.08.06;	author svnexp;	state Exp;
branches;
next	;

1.2.30.1
date	2008.10.02.02.57.24;	author kensmith;	state Exp;
branches;
next	;

1.2.32.1
date	2008.11.25.02.59.29;	author kensmith;	state Exp;
branches;
next	;

1.2.34.1
date	2009.04.15.03.14.26;	author kensmith;	state Exp;
branches;
next	;

1.2.36.1
date	2009.08.03.08.13.06;	author kensmith;	state Exp;
branches
	1.2.36.1.2.1
	1.2.36.1.4.1
	1.2.36.1.6.1
	1.2.36.1.8.1;
next	1.2.36.2;

1.2.36.2
date	2012.11.17.10.37.12;	author svnexp;	state Exp;
branches;
next	;

1.2.36.1.2.1
date	2009.10.25.01.10.29;	author kensmith;	state Exp;
branches;
next	;

1.2.36.1.4.1
date	2010.06.14.02.09.06;	author kensmith;	state Exp;
branches;
next	;

1.2.36.1.6.1
date	2010.12.21.17.09.25;	author kensmith;	state Exp;
branches;
next	;

1.2.36.1.8.1
date	2012.03.03.06.15.13;	author kensmith;	state Exp;
branches;
next	1.2.36.1.8.2;

1.2.36.1.8.2
date	2012.11.17.08.25.46;	author svnexp;	state Exp;
branches;
next	;

1.2.38.1
date	2010.02.10.00.26.20;	author kensmith;	state Exp;
branches;
next	;

1.2.40.1
date	2010.12.21.17.10.29;	author kensmith;	state Exp;
branches;
next	1.2.40.2;

1.2.40.2
date	2012.11.17.08.17.39;	author svnexp;	state Exp;
branches;
next	;

1.2.42.1
date	2011.09.23.00.51.37;	author kensmith;	state Exp;
branches
	1.2.42.1.2.1
	1.2.42.1.4.1;
next	1.2.42.2;

1.2.42.2
date	2012.11.17.11.37.31;	author svnexp;	state Exp;
branches;
next	;

1.2.42.1.2.1
date	2011.11.11.04.20.22;	author kensmith;	state Exp;
branches;
next	1.2.42.1.2.2;

1.2.42.1.2.2
date	2012.11.17.08.37.27;	author svnexp;	state Exp;
branches;
next	;

1.2.42.1.4.1
date	2012.08.05.23.54.33;	author kensmith;	state Exp;
branches;
next	1.2.42.1.4.2;

1.2.42.1.4.2
date	2012.11.17.08.48.19;	author svnexp;	state Exp;
branches;
next	;


desc
@@


1.3
log
@Switching exporter and resync
@
text
@$FreeBSD: head/tools/regression/security/proc_to_proc/README 75447 2001-04-12 17:46:20Z rwatson $

  Inter-Process Authorization Test Suite
  Robert Watson, TrustedBSD Project

This test suite attempts to determine the behavior of inter-process
authorization policy present in the kernel.  It analyzes a series of
important scenarios using specifically crafted process credentials
and a set of operations.  It then reports on any divergence from the
expected results.

Test operations:

ptrace		cred1 attempts ptrace attach to cred2
sighup		cred1 attempts SIGHUP of cred2
sigsegv		cred1 attempts SIGSEGV of cred2
see		cred1 attempts getpriority() on cred2
sched		cred1 attempts setpriority() on cred2

Test scenarioes:

priv on priv		root process on another root process
priv on unpriv1		root process on a non-root process
unpriv1 on priv		non-root process on a root process
unpriv1 on unpriv1	non-root process on a similar non-root process
unpriv1 on unpriv2	non-root process on a different non-root process
unpriv1 on daemon1	non-root process on a root daemon process acting with
			same non-root effective credentials
unpriv1 on daemon2	non-root process on a root daemon process acting with
			different non-root effective credentials
unpriv1 on setuid1	non-root process on a setuid-root process with same
			non-root real credentials
unpriv1 on setuid2	non-root process on a setuid-root process with
			different non-root real credentials

The credential elements supported by the test suite are:

	effective uid
	real uid
	saved uid
	P_SUGID flag

Other untested aspects of interest include groups, as well as session
relationship.  Other test operations that might be of interest are SIGCONT,
and SIGIO.

The current set of tests includes some tests where normally the P_SUGID
flag is set, but isn't in the test.  The result is that some tests fail
that may not reflect real-world software configurations.  However, they
do point to possible changes that could be made in the authorization system
to improve resilience to failure or violation of invariants.

These tests rely on __setugid(), a system call enabled using options
REGRESSION.
@


1.3.2.1
log
@file README was added on branch RELENG_8_4 on 2013-03-28 13:05:53 +0000
@
text
@d1 54
@


1.3.2.2
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/248810
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a0 54
$FreeBSD: releng/8.4/tools/regression/security/proc_to_proc/README 75447 2001-04-12 17:46:20Z rwatson $

  Inter-Process Authorization Test Suite
  Robert Watson, TrustedBSD Project

This test suite attempts to determine the behavior of inter-process
authorization policy present in the kernel.  It analyzes a series of
important scenarios using specifically crafted process credentials
and a set of operations.  It then reports on any divergence from the
expected results.

Test operations:

ptrace		cred1 attempts ptrace attach to cred2
sighup		cred1 attempts SIGHUP of cred2
sigsegv		cred1 attempts SIGSEGV of cred2
see		cred1 attempts getpriority() on cred2
sched		cred1 attempts setpriority() on cred2

Test scenarioes:

priv on priv		root process on another root process
priv on unpriv1		root process on a non-root process
unpriv1 on priv		non-root process on a root process
unpriv1 on unpriv1	non-root process on a similar non-root process
unpriv1 on unpriv2	non-root process on a different non-root process
unpriv1 on daemon1	non-root process on a root daemon process acting with
			same non-root effective credentials
unpriv1 on daemon2	non-root process on a root daemon process acting with
			different non-root effective credentials
unpriv1 on setuid1	non-root process on a setuid-root process with same
			non-root real credentials
unpriv1 on setuid2	non-root process on a setuid-root process with
			different non-root real credentials

The credential elements supported by the test suite are:

	effective uid
	real uid
	saved uid
	P_SUGID flag

Other untested aspects of interest include groups, as well as session
relationship.  Other test operations that might be of interest are SIGCONT,
and SIGIO.

The current set of tests includes some tests where normally the P_SUGID
flag is set, but isn't in the test.  The result is that some tests fail
that may not reflect real-world software configurations.  However, they
do point to possible changes that could be made in the authorization system
to improve resilience to failure or violation of invariants.

These tests rely on __setugid(), a system call enabled using options
REGRESSION.
@


1.2
log
@o Expand inter-process authorization regression test to include
  signalling with sigsegv as one of the tests.
o Teach errno_to_string() about ENOTSUPP.

Obtained from:  TrustedBSD Project
@
text
@d1 1
a1 1
$FreeBSD: src/tools/regression/security/proc_to_proc/README,v 1.1 2001/04/11 17:21:14 rwatson Exp $
@


1.2.24.1
log
@Switch importer
@
text
@d1 1
a1 1
$FreeBSD: stable/7/tools/regression/security/proc_to_proc/README 75447 2001-04-12 17:46:20Z rwatson $
@


1.2.14.1
log
@Switch importer
@
text
@d1 1
a1 1
$FreeBSD: stable/6/tools/regression/security/proc_to_proc/README 75447 2001-04-12 17:46:20Z rwatson $
@


1.2.42.1
log
@SVN rev 225736 on 2011-09-23 00:51:37Z by kensmith

Copy head to stable/9 as part of 9.0-RELEASE release cycle.

Approved by:	re (implicit)
@
text
@d1 1
a1 1
$FreeBSD$
@


1.2.42.2
log
@## SVN ##
## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/ 242902
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ## r242902 | dteske | 2012-11-11 23:29:45 +0000 (Sun, 11 Nov 2012) | 10 lines
## SVN ##
## SVN ## Fix a regression introduced by SVN r211417 that saw the breakage of a feature
## SVN ## documented in usr.sbin/sysinstall/help/shortcuts.hlp (reproduced below):
## SVN ##
## SVN ## If /usr/sbin/sysinstall is linked to another filename, say
## SVN ## `/usr/local/bin/configPackages', then the basename will be used
## SVN ## as an implicit command name.
## SVN ##
## SVN ## Reviewed by:	adrian (co-mentor)
## SVN ## Approved by:	adrian (co-mentor)
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ##
@
text
@d1 1
a1 1
$FreeBSD: stable/9/tools/regression/security/proc_to_proc/README 75447 2001-04-12 17:46:20Z rwatson $
@


1.2.42.1.4.1
log
@SVN rev 239080 on 2012-08-05 23:54:33Z by kensmith

Copy stable/9 to releng/9.1 as part of the 9.1-RELEASE release process.

Approved by:	re (implicit)
@
text
@@


1.2.42.1.4.2
log
@Switch importer
@
text
@d1 1
a1 1
$FreeBSD: releng/9.1/tools/regression/security/proc_to_proc/README 75447 2001-04-12 17:46:20Z rwatson $
@


1.2.42.1.2.1
log
@SVN rev 227445 on 2011-11-11 04:20:22Z by kensmith

Copy stable/9 to releng/9.0 as part of the FreeBSD 9.0-RELEASE release
cycle.

Approved by:	re (implicit)
@
text
@@


1.2.42.1.2.2
log
@Switch importer
@
text
@d1 1
a1 1
$FreeBSD: releng/9.0/tools/regression/security/proc_to_proc/README 75447 2001-04-12 17:46:20Z rwatson $
@


1.2.40.1
log
@SVN rev 216618 on 2010-12-21 17:10:29Z by kensmith

Copy stable/7 to releng/7.4 in preparation for FreeBSD-7.4 release.

Approved by:	re (implicit)
@
text
@d1 1
a1 1
$FreeBSD$
@


1.2.40.2
log
@Switch importer
@
text
@d1 1
a1 1
$FreeBSD: releng/7.4/tools/regression/security/proc_to_proc/README 75447 2001-04-12 17:46:20Z rwatson $
@


1.2.38.1
log
@SVN rev 203736 on 2010-02-10 00:26:20Z by kensmith

Copy stable/7 to releng/7.3 as part of the 7.3-RELEASE process.

Approved by:	re (implicit)
@
text
@d1 1
a1 1
$FreeBSD$
@


1.2.36.1
log
@SVN rev 196045 on 2009-08-03 08:13:06Z by kensmith

Copy head to stable/8 as part of 8.0 Release cycle.

Approved by:	re (Implicit)
@
text
@d1 1
a1 1
$FreeBSD$
@


1.2.36.2
log
@## SVN ##
## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/ 242909
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ## r242909 | dim | 2012-11-12 07:47:19 +0000 (Mon, 12 Nov 2012) | 20 lines
## SVN ##
## SVN ## MFC r242625:
## SVN ##
## SVN ## Remove duplicate const specifiers in many drivers (I hope I got all of
## SVN ## them, please let me know if not).  Most of these are of the form:
## SVN ##
## SVN ## static const struct bzzt_type {
## SVN ##       [...list of members...]
## SVN ## } const bzzt_devs[] = {
## SVN ##       [...list of initializers...]
## SVN ## };
## SVN ##
## SVN ## The second const is unnecessary, as arrays cannot be modified anyway,
## SVN ## and if the elements are const, the whole thing is const automatically
## SVN ## (e.g. it is placed in .rodata).
## SVN ##
## SVN ## I have verified this does not change the binary output of a full kernel
## SVN ## build (except for build timestamps embedded in the object files).
## SVN ##
## SVN ## Reviewed by:	yongari, marius
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ##
@
text
@d1 1
a1 1
$FreeBSD: stable/8/tools/regression/security/proc_to_proc/README 75447 2001-04-12 17:46:20Z rwatson $
@


1.2.36.1.8.1
log
@SVN rev 232438 on 2012-03-03 06:15:13Z by kensmith

Copy stable/8 to releng/8.3 as part of 8.3-RELEASE release cycle.

Approved by:	re (implicit)
@
text
@@


1.2.36.1.8.2
log
@Switch importer
@
text
@d1 1
a1 1
$FreeBSD: releng/8.3/tools/regression/security/proc_to_proc/README 75447 2001-04-12 17:46:20Z rwatson $
@


1.2.36.1.6.1
log
@SVN rev 216617 on 2010-12-21 17:09:25Z by kensmith

Copy stable/8 to releng/8.2 in preparation for FreeBSD-8.2 release.

Approved by:	re (implicit)
@
text
@@


1.2.36.1.4.1
log
@SVN rev 209145 on 2010-06-14 02:09:06Z by kensmith

Copy stable/8 to releng/8.1 in preparation for 8.1-RC1.

Approved by:	re (implicit)
@
text
@@


1.2.36.1.2.1
log
@SVN rev 198460 on 2009-10-25 01:10:29Z by kensmith

Copy stable/8 to releng/8.0 as part of 8.0-RELEASE release procedure.

Approved by:	re (implicit)
@
text
@@


1.2.34.1
log
@SVN rev 191087 on 2009-04-15 03:14:26Z by kensmith

Create releng/7.2 from stable/7 in preparation for 7.2-RELEASE.

Approved by:	re (implicit)
@
text
@d1 1
a1 1
$FreeBSD$
@


1.2.32.1
log
@SVN rev 185281 on 2008-11-25 02:59:29Z by kensmith

Create releng/7.1 in preparation for moving into RC phase of 7.1 release
cycle.

Approved by:	re (implicit)
@
text
@d1 1
a1 1
$FreeBSD$
@


1.2.30.1
log
@SVN rev 183531 on 2008-10-02 02:57:24Z by kensmith

Create releng/6.4 from stable/6 in preparation for 6.4-RC1.

Approved by:	re (implicit)
@
text
@d1 1
a1 1
$FreeBSD$
@


1.1
log
@o First pass at an inter-process authorization regression testing suite.
  This test utility attempts to evaluate the current kernel policy
  for authorization inter-process activities, currently ptrace(),
  kill(, SIGHUP), getpriority(), and setpriority().  The utility creates
  pairs of processes, initializes their credential sets to useful
  cases, and reports on whether the results are in keeping with hard-coded
  safety expectations.

o Currently, this utility relies on the availability of __setugid(),
  an uncomitted system call used for managing the P_SUGID bit.  Due to
  continuing discussion of optional regression testing kernel components
  ("options REGRESSION") I'll hold off on committing that until the
  discussion has reached its natural termination.

o A number of additional testing factors should be taken into account
  in the testing, including tests for different classes of signals,
  interactions with process session characteristics, I/O signalling,
  broadcast activities such as broadcast signalling, mass priority
  setting, and to take into group-related aspects of credentials.
  Additional operations should also be taken into account, such as ktrace,
  debugging attach using procfs, and so on.

o This testing suite is intended to prevent the introduction of bugs
  in the upcoming sets of authorization changes associated with the
  introduction of process capabilities and mandatory access control.

Obtained from: TrustedBSD Project
@
text
@d1 1
a1 1
$FreeBSD$
d15 2
a16 1
signal		cred1 attempts SIGHUP of cred2
d45 1
a45 1
SIGIO, and SIGSEGV.
@

