vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-04 04:20:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(security): bind system.run approvals to argv identity

Browse Source
This commit is contained in:
Peter Steinberger
2026-02-26 03:40:42 +01:00
parent baf656bc6f
commit 03e689fc89
12 changed files with 102 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/gateway/server-methods/exec-approval.ts
View File

@@ -43,6 +43,7 @@ export function createExecApprovalHandlers(
const p = params as {
id?: string;
command: string;
commandArgv?: string[] | null;
cwd?: string;
nodeId?: string;
host?: string;
@@ -60,6 +61,9 @@ export function createExecApprovalHandlers(
const explicitId = typeof p.id === "string" && p.id.trim().length > 0 ? p.id.trim() : null;
const host = typeof p.host === "string" ? p.host.trim() : "";
const nodeId = typeof p.nodeId === "string" ? p.nodeId.trim() : "";
const commandArgv = Array.isArray(p.commandArgv)
? p.commandArgv.map((entry) => String(entry))
: null;
if (host === "node" && !nodeId) {
respond(
false,
@@ -78,6 +82,7 @@ export function createExecApprovalHandlers(
}
const request = {
command: p.command,
commandArgv,
cwd: p.cwd ?? null,
nodeId: host === "node" ? nodeId : null,
host: host || null,