Verified Commit a3050539 authored by valoq's avatar valoq

add test for sandbox

parent b02c73fc
......@@ -24,6 +24,15 @@ if check.found()
test('session', session,
timeout: 60*60
)
sandbox = executable('test_sandbox', ['test_sandbox.c', 'tests.c'],
dependencies: build_dependencies + test_dependencies,
include_directories: include_directories,
c_args: defines + flags
)
test('sandbox', sandbox,
timeout: 60*60
)
utils = executable('test_utils', ['test_utils.c', 'tests.c'],
dependencies: build_dependencies + test_dependencies,
......
/* SPDX-License-Identifier: Zlib */
#include <check.h>
#include "zathura.h"
#include "tests.h"
START_TEST(test_create) {
zathura_t* zathura = zathura_create();
zathura->global.sandbox = ZATHURA_SANDBOX_TEST;
fail_unless(zathura != NULL, "Could not create strictly sandboxed session", NULL);
fail_unless(zathura_init(zathura) == true, "Could not initialize strictly sandboxed session", NULL);
zathura_free(zathura);
} END_TEST
static Suite* suite_sandbox(void)
{
TCase* tcase = NULL;
Suite* suite = suite_create("Sandbox");
/* basic */
tcase = tcase_create("basic");
tcase_add_checked_fixture(tcase, setup, NULL);
tcase_add_test(tcase, test_create);
suite_add_tcase(suite, tcase);
return suite;
}
int main()
{
return run_suite(suite_sandbox());
}
......@@ -117,7 +117,7 @@ out:
}
int
seccomp_enable_strict_filter(void)
seccomp_enable_strict_filter(bool test)
{
/* prevent child processes from getting more priv e.g. via setuid, capabilities, ... */
if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0)) {
......@@ -224,6 +224,12 @@ seccomp_enable_strict_filter(void)
ADD_RULE("errno", SCMP_ACT_ERRNO(EPERM), sched_setattr, 0);
ADD_RULE("errno", SCMP_ACT_ERRNO(EPERM), sched_getattr, 0);
/* check test flag, allow additional syscalls for test mode */
if (test){
ALLOW_RULE(timer_create);
ALLOW_RULE(timer_delete);
}
/* Special requirements for ioctl, allowed on stdout/stderr */
ADD_RULE("allow", SCMP_ACT_ALLOW, ioctl, 1, SCMP_CMP(0, SCMP_CMP_EQ, 1));
ADD_RULE("allow", SCMP_ACT_ALLOW, ioctl, 1, SCMP_CMP(0, SCMP_CMP_EQ, 2));
......
......@@ -3,6 +3,8 @@
#ifndef ZATHURA_SECCOMP_FILTERS_H
#define ZATHURA_SECCOMP_FILTERS_H
#include <stdbool.h>
/* basic filter */
/* this mode allows normal use */
/* only dangerous syscalls are blacklisted */
......@@ -10,6 +12,6 @@ int seccomp_enable_basic_filter(void);
/* strict filter before document parsing */
/* this filter is to be enabled after most of the initialisation of zathura has finished */
int seccomp_enable_strict_filter(void);
int seccomp_enable_strict_filter(bool test);
#endif
......@@ -448,13 +448,22 @@ zathura_init(zathura_t* zathura)
break;
case ZATHURA_SANDBOX_STRICT:
girara_debug("Strict sandbox preventing write and network access.");
if (seccomp_enable_strict_filter() != 0) {
if (seccomp_enable_strict_filter(0) != 0) {
girara_error("Failed to initialize strict seccomp filter.");
goto error_free;
}
/* unset the input method to avoid communication with external services */
unsetenv("GTK_IM_MODULE");
break;
case ZATHURA_SANDBOX_TEST:
girara_debug("Strict sandbox preventing write and network access, testmode.");
if (seccomp_enable_strict_filter(1) != 0) {
girara_error("Failed to initialize test seccomp filter.");
goto error_free;
}
/* unset the input method to avoid communication with external services */
unsetenv("GTK_IM_MODULE");
break;
}
#endif
......@@ -464,8 +473,12 @@ zathura_init(zathura_t* zathura)
goto error_free;
}
/* database */
init_database(zathura);
/* disable unsupported features in strict sandbox mode */
if (zathura->global.sandbox != ZATHURA_SANDBOX_STRICT){
/* database */
init_database(zathura);
}
/* bookmarks */
zathura->bookmarks.bookmarks = girara_sorted_list_new2(
......
......@@ -85,7 +85,8 @@ enum {
typedef enum {
ZATHURA_SANDBOX_NONE,
ZATHURA_SANDBOX_NORMAL,
ZATHURA_SANDBOX_STRICT
ZATHURA_SANDBOX_STRICT,
ZATHURA_SANDBOX_TEST
} zathura_sandbox_t;
/* forward declaration for types from database.h */
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment