docs(changelog): note interpreter approval hardening
@@ -87,6 +87,7 @@ Docs: https://docs.openclaw.ai
|
||||
- Gateway/auth: fail closed when local `gateway.auth.*` SecretRefs are configured but unavailable, instead of silently falling back to `gateway.remote.*` credentials in local mode. (#42672) Thanks @joshavant.
|
||||
- Sandbox/fs bridge: pin staged writes to verified parent directories so temporary write files cannot materialize outside the allowed mount before atomic replace. Thanks @tdjackey.
|
||||
- Commands/config writes: enforce `configWrites` against both the originating account and the targeted account scope for `/config` and config-backed `/allowlist` edits, blocking sibling-account mutations while preserving gateway `operator.admin` flows. Thanks @tdjackey for reporting.
|
||||
- Security/system.run: fail closed for approval-backed interpreter/runtime commands when OpenClaw cannot bind exactly one concrete local file operand, while extending best-effort direct-file binding to additional runtime forms. Thanks @tdjackey for reporting.
|
||||
|
||||
## 2026.3.8
|
||||
|
||||
|
||||
@@ -746,7 +746,7 @@ export function buildSystemRunApprovalPlan(params: {
|
||||
const mutableFileOperand = resolveMutableFileOperandSnapshotSync({
|
||||
argv: hardening.argv,
|
||||
cwd: hardening.cwd,
|
||||
shellCommand: command.shellCommand,
|
||||
shellCommand: command.shellPayload,
|
||||
});
|
||||
if (!mutableFileOperand.ok) {
|
||||
return { ok: false, message: mutableFileOperand.message };
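Review bot: In the `resolveMutableFileOperandSnapshotSync` call, the `shellCommand:` argument as printed now receives `command.shellPayload`, so the parameter name no longer matches the value passed, and nothing in the hunk says which string the operand binding is meant to parse. Because the result gates the approval plan (`if (!mutableFileOperand.ok)` returns `ok: false`), a short why-comment on that line would help the next reader, e.g. `// bind the file operand against the shell payload, not the wrapper command line (confirm)`. It is also worth confirming in the resolver, which is not visible here, that an absent or empty `shellPayload` produces `ok: false` rather than skipping the binding, since the changelog entry promises fail-closed behaviour. The commit is titled as a changelog note but also changes this code path, and no test for the new argument is visible on this page. The body of `buildSystemRunApprovalPlan` starts and continues outside the hunk.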
|
||||
|
||||