github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-07 23:51:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

refactor: harden safe-bin trusted dir diagnostics

Browse Source
This commit is contained in:
Peter Steinberger
2026-02-24 23:29:12 +00:00
parent 5c2a483375
commit 4355e08262
10 changed files with 391 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

46
src/commands/doctor-config-flow.safe-bins.test.ts
View File

@@ -1,4 +1,8 @@
import fs from "node:fs/promises";
import os from "node:os";
import path from "node:path";
import { beforeEach, describe, expect, it, vi } from "vitest";
import { withEnvAsync } from "../test-utils/env.js";
import { runDoctorConfigWithInput } from "./doctor-config-flow.test-utils.js";
const { noteSpy } = vi.hoisted(() => ({
@@ -86,4 +90,46 @@ describe("doctor config flow safe bins", () => {
"Doctor warnings",
);
});
it("hints safeBinTrustedDirs when safeBins resolve outside default trusted dirs", async () => {
if (process.platform === "win32") {
return;
}
const dir = await fs.mkdtemp(path.join(os.tmpdir(), "openclaw-doctor-safe-bins-"));
const binPath = path.join(dir, "mydoctorbin");
try {
await fs.writeFile(binPath, "#!/bin/sh\necho ok\n", "utf-8");
await fs.chmod(binPath, 0o755);
await withEnvAsync(
{
PATH: `${dir}${path.delimiter}${process.env.PATH ?? ""}`,
},
async () => {
await runDoctorConfigWithInput({
config: {
tools: {
exec: {
safeBins: ["mydoctorbin"],
safeBinProfiles: {
mydoctorbin: {},
},
},
},
},
run: loadAndMaybeMigrateDoctorConfig,
});
},
);
expect(noteSpy).toHaveBeenCalledWith(
expect.stringContaining("outside trusted safe-bin dirs"),
"Doctor warnings",
);
expect(noteSpy).toHaveBeenCalledWith(
expect.stringContaining("tools.exec.safeBinTrustedDirs"),
"Doctor warnings",
);
} finally {
await fs.rm(dir, { recursive: true, force: true }).catch(() => undefined);
}
});
});

77
src/commands/doctor-config-flow.ts
View File

@@ -17,10 +17,16 @@ import {
import { collectProviderDangerousNameMatchingScopes } from "../config/dangerous-name-matching.js";
import { applyPluginAutoEnable } from "../config/plugin-auto-enable.js";
import { parseToolsBySenderTypedKey } from "../config/types.tools.js";
import { resolveCommandResolutionFromArgv } from "../infra/exec-command-resolution.js";
import {
listInterpreterLikeSafeBins,
resolveMergedSafeBinProfileFixtures,
} from "../infra/exec-safe-bin-runtime-policy.js";
import {
getTrustedSafeBinDirs,
isTrustedSafeBinPath,
normalizeTrustedSafeBinDirs,
} from "../infra/exec-safe-bin-trust.js";
import {
isDiscordMutableAllowEntry,
isGoogleChatMutableAllowEntry,
@@ -1001,6 +1007,13 @@ type ExecSafeBinScopeRef = {
safeBins: string[];
exec: Record<string, unknown>;
mergedProfiles: Record<string, unknown>;
trustedSafeBinDirs: ReadonlySet<string>;
};
type ExecSafeBinTrustedDirHintHit = {
scopePath: string;
bin: string;
resolvedPath: string;
};
function normalizeConfiguredSafeBins(entries: unknown): string[] {
@@ -1016,9 +1029,19 @@ function normalizeConfiguredSafeBins(entries: unknown): string[] {
).toSorted();
}
function normalizeConfiguredTrustedSafeBinDirs(entries: unknown): string[] {
if (!Array.isArray(entries)) {
return [];
}
return normalizeTrustedSafeBinDirs(
entries.filter((entry): entry is string => typeof entry === "string"),
);
}
function collectExecSafeBinScopes(cfg: OpenClawConfig): ExecSafeBinScopeRef[] {
const scopes: ExecSafeBinScopeRef[] = [];
const globalExec = asObjectRecord(cfg.tools?.exec);
const globalTrustedDirs = normalizeConfiguredTrustedSafeBinDirs(globalExec?.safeBinTrustedDirs);
if (globalExec) {
const safeBins = normalizeConfiguredSafeBins(globalExec.safeBins);
if (safeBins.length > 0) {
@@ -1030,6 +1053,9 @@ function collectExecSafeBinScopes(cfg: OpenClawConfig): ExecSafeBinScopeRef[] {
resolveMergedSafeBinProfileFixtures({
global: globalExec,
}) ?? {},
trustedSafeBinDirs: getTrustedSafeBinDirs({
extraDirs: globalTrustedDirs,
}),
});
}
}
@@ -1055,6 +1081,12 @@ function collectExecSafeBinScopes(cfg: OpenClawConfig): ExecSafeBinScopeRef[] {
global: globalExec,
local: agentExec,
}) ?? {},
trustedSafeBinDirs: getTrustedSafeBinDirs({
extraDirs: [
...globalTrustedDirs,
...normalizeConfiguredTrustedSafeBinDirs(agentExec.safeBinTrustedDirs),
],
}),
});
}
return scopes;
@@ -1078,6 +1110,32 @@ function scanExecSafeBinCoverage(cfg: OpenClawConfig): ExecSafeBinCoverageHit[]
return hits;
}
function scanExecSafeBinTrustedDirHints(cfg: OpenClawConfig): ExecSafeBinTrustedDirHintHit[] {
const hits: ExecSafeBinTrustedDirHintHit[] = [];
for (const scope of collectExecSafeBinScopes(cfg)) {
for (const bin of scope.safeBins) {
const resolution = resolveCommandResolutionFromArgv([bin]);
if (!resolution?.resolvedPath) {
continue;
}
if (
isTrustedSafeBinPath({
resolvedPath: resolution.resolvedPath,
trustedDirs: scope.trustedSafeBinDirs,
})
) {
continue;
}
hits.push({
scopePath: scope.scopePath,
bin,
resolvedPath: resolution.resolvedPath,
});
}
}
return hits;
}
function maybeRepairExecSafeBinProfiles(cfg: OpenClawConfig): {
config: OpenClawConfig;
changes: string[];
@@ -1488,6 +1546,25 @@ export async function loadAndMaybeMigrateDoctorConfig(params: {
);
note(lines.join("\n"), "Doctor warnings");
}
const safeBinTrustedDirHints = scanExecSafeBinTrustedDirHints(candidate);
if (safeBinTrustedDirHints.length > 0) {
const lines = safeBinTrustedDirHints
.slice(0, 5)
.map(
(hit) =>
`- ${hit.scopePath}.safeBins entry '${hit.bin}' resolves to '${hit.resolvedPath}' outside trusted safe-bin dirs.`,
);
if (safeBinTrustedDirHints.length > 5) {
lines.push(
`- ${safeBinTrustedDirHints.length - 5} more safeBins entries resolve outside trusted safe-bin dirs.`,
);
}
lines.push(
"- If intentional, add the binary directory to tools.exec.safeBinTrustedDirs (global or agent scope).",
);
note(lines.join("\n"), "Doctor warnings");
}
}
const mutableAllowlistHits = scanMutableAllowlistEntries(candidate);