authorDavid Lönnhager <david.l@mullvad.net>2024-08-21 17:40:11 +0200
committerDavid Lönnhager <david.l@mullvad.net>2024-08-22 20:18:57 +0200
commit283d1eb046c1a36d35e1f924ca6a5b3006a9fd1d (patch)
tree5b64d779e3a66c669abcb8be76a50f75a38df917 /test/scripts
parent5c930593d35439011ec16081bb22c0b9a9f21b11 (diff)
downloadmullvadvpn-283d1eb046c1a36d35e1f924ca6a5b3006a9fd1d.tar.xz
mullvadvpn-283d1eb046c1a36d35e1f924ca6a5b3006a9fd1d.zip
Spawn test processes as an unprivileged user by default
Fixes an issue where the connection-checker is allowed to leak traffic on macOS
Diffstat (limited to 'test/scripts')
-rw-r--r--test/scripts/ssh-setup.sh19
1 files changed, 19 insertions, 0 deletions
diff --git a/test/scripts/ssh-setup.sh b/test/scripts/ssh-setup.sh
index 714756f45e..5ac5dea15e 100644
--- a/test/scripts/ssh-setup.sh
+++ b/test/scripts/ssh-setup.sh
@@ -9,6 +9,7 @@ RUNNER_DIR="$1"
APP_PACKAGE="$2"
PREVIOUS_APP="$3"
UI_RUNNER="$4"
+UNPRIVILEGED_USER="$5"
# Copy over test runner to correct place
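Review bot: `UNPRIVILEGED_USER="$5"` accepts a missing or empty fifth argument, and that value is later used as both the account name and the password in `create_test_user_macos` and `create_test_user_linux`. Whether `set -u` is active is not visible in this hunk, so an omitted argument may only surface as a confusing `useradd`/`sysadminctl` failure after files have already been copied. Failing early would be clearer: `UNPRIVILEGED_USER="${5:?unprivileged user name is required}"`.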
@@ -21,6 +22,9 @@ for file in test-runner connection-checker $APP_PACKAGE $PREVIOUS_APP $UI_RUNNER
cp -f "$SCRIPT_DIR/$file" "$RUNNER_DIR"
done
+# Unprivileged users need execute rights for connection checker
+chmod 551 "${RUNNER_DIR}/connection-checker"
+
chown -R root "$RUNNER_DIR/"
# Create service
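Review bot: The comment on `chmod 551` does not explain the mode or what else the unprivileged user needs: the binary is only reachable if `$RUNNER_DIR` and its parents are searchable by that user, which this hunk neither sets nor checks. I would expand it to something like `# r-xr-x--x: the test user may execute connection-checker but not read or modify it; $RUNNER_DIR must be o+x`. Since `chown -R root` changes ownership only, it is also worth confirming that the directory is not writable by the new user, because the root-run test runner appears to be installed in the same place.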
@@ -69,11 +73,18 @@ function setup_macos {
</plist>
EOF
+ create_test_user_macos
+
echo "Starting test runner service"
launchctl load -w $RUNNER_PLIST_PATH
}
+function create_test_user_macos {
+ echo "Adding test user account"
+ sysadminctl -addUser "$UNPRIVILEGED_USER" -fullName "$UNPRIVILEGED_USER" -password "$UNPRIVILEGED_USER"
+}
+
function setup_systemd {
RUNNER_SERVICE_PATH="/etc/systemd/system/testrunner.service"
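Review bot: `create_test_user_macos` sets the new account's password to its own name (`-password "$UNPRIVILEGED_USER"`), so the test host gains a login account with a guessable credential, and the value is also exposed in the process argument list; `create_test_user_linux` in the last hunk does the same through `chpasswd`. If the runner only spawns processes as this user from root (an assumption, the spawning code is not in this diff), the account needs no usable password: on Linux `useradd -m` alone leaves it locked, and on macOS a random value such as `-password "$(openssl rand -base64 24)"` would do. Neither function checks whether the user already exists, so re-running the setup likely fails at this step; a guard such as `id -u "$UNPRIVILEGED_USER" &>/dev/null || useradd -m "$UNPRIVILEGED_USER"` would make it repeatable.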
@@ -94,10 +105,18 @@ EOF
semanage fcontext -a -t bin_t "$RUNNER_DIR/.*" &> /dev/null || true
+ create_test_user_linux
+
systemctl enable testrunner.service
systemctl start testrunner.service
}
+function create_test_user_linux {
+ echo "Adding test user account"
+ useradd -m "$UNPRIVILEGED_USER"
+ echo "$UNPRIVILEGED_USER:$UNPRIVILEGED_USER" | chpasswd
+}
+
if [[ "$(uname -s)" == "Darwin" ]]; then
setup_macos
exit 0