github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-08 00:31:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(security): clarify dmScope remediation path with explicit CLI command

Browse Source 
# Problem
The security audit and onboarding screens suggested 'Set session.dmScope="..."'
for multi-user DM isolation. This led users to try setting the value in invalid
config paths (e.g., 'channels.imessage.dmScope').

# Changes
- Updated 'src/security/audit.ts' to use 'formatCliCommand' for dmScope remediation.
- Updated 'src/commands/doctor-security.ts' and 'src/commands/onboard-channels.ts'
  to use the explicit 'openclaw config set' command format.

# Validation
- Verified text alignment with 'pnpm tsgo'.
- Confirmed CLI command formatting remains consistent across modified files.
This commit is contained in:
VintLin
2026-02-10 12:39:14 +08:00
committed by Peter Steinberger
parent 31c6a12cfa
commit ca3c83acdf
3 changed files with 12 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/security/audit.ts
View File

@@ -599,7 +599,9 @@ async function collectChannelSecurityFindings(params: {
detail:
"Multiple DM senders currently share the main session, which can leak context across users.",
remediation:
'Set session.dmScope="per-channel-peer" (or "per-account-channel-peer" for multi-account channels) to isolate DM sessions per sender.',
"Run: " +
formatCliCommand('openclaw config set session.dmScope "per-channel-peer"') +
' (or "per-account-channel-peer" for multi-account channels) to isolate DM sessions per sender.',
});
}
};