github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-08 09:11:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Sandbox: honor bind mounts in file tools

Browse Source
This commit is contained in:
Vignesh Natarajan
2026-02-14 16:54:29 -08:00
parent eafda6f526
commit 726ff36fd5
3 changed files with 106 additions and 103 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
src/agents/pi-tools.read.ts
View File

@@ -269,23 +269,6 @@ export function wrapToolWorkspaceRootGuard(tool: AnyAgentTool, root: string): An
};
}
function wrapSandboxPathGuard(tool: AnyAgentTool, root: string): AnyAgentTool {
return {
...tool,
execute: async (toolCallId, args, signal, onUpdate) => {
const normalized = normalizeToolParams(args);
const record =
normalized ??
(args && typeof args === "object" ? (args as Record<string, unknown>) : undefined);
const filePath = record?.path;
if (typeof filePath === "string" && filePath.trim()) {
await assertSandboxPath({ filePath, cwd: root, root });
}
return tool.execute(toolCallId, normalized ?? args, signal, onUpdate);
},
};
}
type SandboxToolParams = {
root: string;
bridge: SandboxFsBridge;
@@ -295,27 +278,21 @@ export function createSandboxedReadTool(params: SandboxToolParams) {
const base = createReadTool(params.root, {
operations: createSandboxReadOperations(params),
}) as unknown as AnyAgentTool;
return wrapSandboxPathGuard(createOpenClawReadTool(base), params.root);
return createOpenClawReadTool(base);
}
export function createSandboxedWriteTool(params: SandboxToolParams) {
const base = createWriteTool(params.root, {
operations: createSandboxWriteOperations(params),
}) as unknown as AnyAgentTool;
return wrapSandboxPathGuard(
wrapToolParamNormalization(base, CLAUDE_PARAM_GROUPS.write),
params.root,
);
return wrapToolParamNormalization(base, CLAUDE_PARAM_GROUPS.write);
}
export function createSandboxedEditTool(params: SandboxToolParams) {
const base = createEditTool(params.root, {
operations: createSandboxEditOperations(params),
}) as unknown as AnyAgentTool;
return wrapSandboxPathGuard(
wrapToolParamNormalization(base, CLAUDE_PARAM_GROUPS.edit),
params.root,
);
return wrapToolParamNormalization(base, CLAUDE_PARAM_GROUPS.edit);
}
export function createOpenClawReadTool(base: AnyAgentTool): AnyAgentTool {