vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-06 17:31:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: prevent channel login exec wedges

Browse Source
This commit is contained in:
Peter Steinberger
2026-04-28 05:16:24 +01:00
parent ed98762832
commit 738f5f7508
13 changed files with 517 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
docs/tools/exec.md
View File

@@ -78,6 +78,7 @@ Notes:
- Host execution (`gateway`/`node`) rejects `env.PATH` and loader overrides (`LD_*`/`DYLD_*`) to
prevent binary hijacking or injected code.
- OpenClaw sets `OPENCLAW_SHELL=exec` in the spawned command environment (including PTY and sandbox execution) so shell/profile rules can detect exec-tool context.
- `openclaw channels login` is blocked from `exec` because it is an interactive channel-auth flow; run it in a terminal on the gateway host, or use the channel-native login tool from chat when one exists.
- Important: sandboxing is **off by default**. If sandboxing is off, implicit `host=auto`
resolves to `gateway`. Explicit `host=sandbox` still fails closed instead of silently
running on the gateway host. Enable sandboxing or use `host=gateway` with approvals.