| # Copyright 2015 The Chromium OS Authors. All rights reserved. |
| # Use of this source code is governed by a BSD-style license that can be |
| # found in the LICENSE file. |
| |
| import dbus |
| import logging |
| import os.path |
| import socket |
| |
| from autotest_lib.client.bin import test, utils |
| from autotest_lib.client.common_lib import error |
| from autotest_lib.client.cros import constants, cros_ui, login |
| |
| |
| class security_RestartJob(test.test): |
| """Verifies that RestartJob cannot be abused to execute arbitrary processes. |
| """ |
| version = 1 |
| |
| |
| _FLAGFILE = '/tmp/security_RestartJob_regression' |
| |
| |
| def _ps(self, proc=constants.BROWSER): |
| """Grab the oldest pid for a process named |proc|.""" |
| pscmd = 'ps -C %s -o pid --no-header | head -1' % proc |
| return utils.system_output(pscmd) |
| |
| |
| def run_once(self): |
| """Main test code.""" |
| login.wait_for_browser() |
| bus = dbus.SystemBus() |
| proxy = bus.get_object('org.chromium.SessionManager', |
| '/org/chromium/SessionManager') |
| sessionmanager = dbus.Interface(proxy, |
| 'org.chromium.SessionManagerInterface') |
| |
| # Craft a malicious replacement for the target process. |
| cmd = ['touch', self._FLAGFILE] |
| |
| # Try to get our malicious replacement to run via RestartJob. |
| try: |
| remote, local = socket.socketpair(socket.AF_UNIX) |
| logging.info('Calling RestartJob(<socket>, %r)', cmd) |
| sessionmanager.RestartJob(dbus.types.UnixFd(remote), cmd) |
| # Fails if the RestartJob call doesn't generate an error. |
| raise error.TestFail('RestartJob regression!') |
| except dbus.DBusException as e: |
| logging.info(e.get_dbus_message()) |
| pass |
| except OSError as e: |
| raise error.TestError('Could not create sockets for creds: %s', e) |
| finally: |
| try: |
| local.close() |
| except OSError: |
| pass |
| |
| if os.path.exists(self._FLAGFILE): |
| raise error.TestFail('RestartJobWithAuth regression!') |
| |
| |
| def cleanup(self): |
| """Reset the UI, since this test killed Chrome.""" |
| cros_ui.nuke() |