# Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
import logging
import os
from autotest_lib.client.bin import test, utils
from autotest_lib.client.common_lib import error
class security_SuidBinaries(test.test):
"""
Make sure no surprise binaries become setuid, setgid, or gain filesystem
capabilities without autotest noticing.
"""
version = 1
def load_baseline(self, bltype):
"""
Load the list of expected files for a given baseline type.
@param bltype the baseline to load.
"""
baseline_file = open(os.path.join(self.bindir, 'baseline.' + bltype))
return set(l.strip() for l in baseline_file)
def run_once(self, baseline='suid'):
"""
Do a find on the system for setuid binaries, compare against baseline.
Fail if setuid binaries are found on the system but not on the baseline.
"""
exclude = [ '/proc',
'/dev',
'/sys',
'/run',
'/usr/local',
'/mnt/stateful_partition',
]
cmd = 'find / '
for item in exclude:
cmd += '-wholename %s -prune -o ' % (item)
cmd += '-type f '
permmask = {'suid': '4000', 'sgid': '2000'}
if baseline in permmask:
cmd += '-a -perm /%s -print' % (permmask[baseline])
elif baseline == 'fscap':
cmd += '-exec getcap {} +'
else:
raise error.TestFail("Unknown baseline '%s'!" % (baseline))
cmd_output = utils.system_output(cmd, ignore_status=True)
observed_set = set(cmd_output.splitlines())
baseline_set = self.load_baseline(baseline)
# Report observed set for debugging.
for line in observed_set:
logging.debug('%s: %s', baseline, line)
# Fail if we find new binaries.
new = observed_set.difference(baseline_set)
if len(new) > 0:
message = 'New %s binaries: %s' % (baseline, ', '.join(new))
raise error.TestFail(message)
# Log but not fail if we find missing binaries.
missing = baseline_set.difference(observed_set)
if len(missing) > 0:
for filepath in missing:
logging.error('Missing %s binary: %s', baseline, filepath)
else:
logging.debug('OK: %s baseline matches system', baseline)