diff --git a/src/node-host/invoke-system-run-plan.test.ts b/src/node-host/invoke-system-run-plan.test.ts
index ace75953415..0c275612ede 100644
--- a/src/node-host/invoke-system-run-plan.test.ts
+++ b/src/node-host/invoke-system-run-plan.test.ts
@@ -284,51 +284,12 @@ const unsafeRuntimeInvocationCases: UnsafeRuntimeInvocationCase[] = [
 fs.writeFileSync(path.join(tmp, "awk"), "bait\n");
 },
 },
- {
- name: "rejects busybox shell applets that forward inline commands",
- binName: "busybox",
- tmpPrefix: "openclaw-busybox-shell-inline-",
- command: ["busybox", "sh", "-c", "echo SAFE"],
- },
- {
- name: "rejects busybox shell applets with script file operands",
- binName: "busybox",
- tmpPrefix: "openclaw-busybox-shell-file-",
- command: ["busybox", "sh", "./run.sh"],
- setup: (tmp) => {
- fs.writeFileSync(path.join(tmp, "run.sh"), "#!/bin/sh\necho SAFE\n");
- },
- },
 {
 name: "rejects toybox applets that cannot be safely bound",
 binName: "toybox",
 tmpPrefix: "openclaw-toybox-awk-",
 command: ["toybox", "awk", 'BEGIN{system("id")}'],
 },
- {
- name: "rejects toybox applets even when cwd contains a file named after the applet",
- binName: "toybox",
- tmpPrefix: "openclaw-toybox-awk-file-bait-",
- command: ["toybox", "awk", 'BEGIN{system("id")}'],
- setup: (tmp) => {
- fs.writeFileSync(path.join(tmp, "awk"), "bait\n");
- },
- },
- {
- name: "rejects toybox shell applets that forward inline commands",
- binName: "toybox",
- tmpPrefix: "openclaw-toybox-shell-inline-",
- command: ["toybox", "ash", "-lc", "echo SAFE"],
- },
- {
- name: "rejects toybox shell applets with script file operands",
- binName: "toybox",
- tmpPrefix: "openclaw-toybox-shell-file-",
- command: ["toybox", "ash", "./run.sh"],
- setup: (tmp) => {
- fs.writeFileSync(path.join(tmp, "run.sh"), "#!/bin/sh\necho SAFE\n");
- },
- },
 {
 name: "rejects node inline import operands that cannot be bound to one stable file",
 binName: "node",
@@ -348,15 +309,6 @@ const unsafeRuntimeInvocationCases: UnsafeRuntimeInvocationCase[] = [
 fs.writeFileSync(path.join(tmp, "safe.rb"), 'puts "SAFE"\n');
 },
 },
- {
- name: "rejects ruby load-path flags that can redirect module resolution after approval",
- binName: "ruby",
- tmpPrefix: "openclaw-ruby-load-path-",
- command: ["ruby", "-I.", "./safe.rb"],
- setup: (tmp) => {
- fs.writeFileSync(path.join(tmp, "safe.rb"), 'puts "SAFE"\n');
- },
- },
 {
 name: "rejects perl module preloads that approval cannot bind completely",
 binName: "perl",
@@ -375,15 +327,6 @@ const unsafeRuntimeInvocationCases: UnsafeRuntimeInvocationCase[] = [
 fs.writeFileSync(path.join(tmp, "safe.pl"), 'print "SAFE\\n";\n');
 },
 },
- {
- name: "rejects perl combined preload and load-path flags",
- binName: "perl",
- tmpPrefix: "openclaw-perl-preload-load-path-",
- command: ["perl", "-Ilib", "-MPreload", "./safe.pl"],
- setup: (tmp) => {
- fs.writeFileSync(path.join(tmp, "safe.pl"), 'print "SAFE\\n";\n');
- },
- },
 {
 name: "rejects shell payloads that hide mutable interpreter scripts",
 binName: "node",
@@ -402,15 +345,6 @@ const unsafeRuntimeInvocationCases: UnsafeRuntimeInvocationCase[] = [
 fs.writeFileSync(path.join(tmp, "run.ts"), 'console.log("SAFE")\n');
 },
 },
- {
- name: "rejects pnpm dlx invocations with unrecognized global flags before dlx when they hide a mutable script",
- binName: "pnpm",
- tmpPrefix: "openclaw-pnpm-dlx-unknown-prefix-",
- command: ["pnpm", "--future-flag", "dlx", "tsx", "./run.ts"],
- setup: (tmp) => {
- fs.writeFileSync(path.join(tmp, "run.ts"), 'console.log("SAFE")\n');
- },
- },
 {
 name: "rejects pnpm dlx invocations with unrecognized global flags that take a value before dlx",
 binName: "pnpm",
@@ -420,15 +354,6 @@ const unsafeRuntimeInvocationCases: UnsafeRuntimeInvocationCase[] = [
 fs.writeFileSync(path.join(tmp, "run.ts"), 'console.log("SAFE")\n');
 },
 },
- {
- name: "rejects pnpm dlx invocations with unrecognized flags after a global option terminator",
- binName: "pnpm",
- tmpPrefix: "openclaw-pnpm-dlx-global-double-dash-",
- command: ["pnpm", "--", "dlx", "--future-flag", "tsx", "./run.ts"],
- setup: (tmp) => {
- fs.writeFileSync(path.join(tmp, "run.ts"), 'console.log("SAFE")\n');
- },
- },
 ];
 
 describe("hardenApprovedExecutionPaths", () => {
@@ -568,14 +493,6 @@ describe("hardenApprovedExecutionPaths", () => {
 initialBody: 'print("SAFE")\n',
 expectedArgvIndex: 1,
 },
- {
- name: "pypy direct file",
- binName: "pypy",
- argv: ["pypy", "./run.py"],
- scriptName: "run.py",
- initialBody: 'print("SAFE")\n',
- expectedArgvIndex: 1,
- },
 {
 name: "versioned node alias file",
 binName: "node20",
@@ -592,38 +509,6 @@ describe("hardenApprovedExecutionPaths", () => {
 initialBody: 'console.log("SAFE");\n',
 expectedArgvIndex: 1,
 },
- {
- name: "jiti direct file",
- binName: "jiti",
- argv: ["jiti", "./run.ts"],
- scriptName: "run.ts",
- initialBody: 'console.log("SAFE");\n',
- expectedArgvIndex: 1,
- },
- {
- name: "ts-node direct file",
- binName: "ts-node",
- argv: ["ts-node", "./run.ts"],
- scriptName: "run.ts",
- initialBody: 'console.log("SAFE");\n',
- expectedArgvIndex: 1,
- },
- {
- name: "vite-node direct file",
- binName: "vite-node",
- argv: ["vite-node", "./run.ts"],
- scriptName: "run.ts",
- initialBody: 'console.log("SAFE");\n',
- expectedArgvIndex: 1,
- },
- {
- name: "bun direct file",
- binName: "bun",
- argv: ["bun", "./run.ts"],
- scriptName: "run.ts",
- initialBody: 'console.log("SAFE");\n',
- expectedArgvIndex: 1,
- },
 {
 name: "bun run file",
 binName: "bun",
@@ -640,22 +525,6 @@ describe("hardenApprovedExecutionPaths", () => {
 initialBody: 'console.log("SAFE");\n',
 expectedArgvIndex: 5,
 },
- {
- name: "bun test file",
- binName: "bun",
- argv: ["bun", "test", "./run.test.ts"],
- scriptName: "run.test.ts",
- initialBody: 'console.log("SAFE");\n',
- expectedArgvIndex: 2,
- },
- {
- name: "deno test file",
- binName: "deno",
- argv: ["deno", "test", "./run.test.ts"],
- scriptName: "run.test.ts",
- initialBody: 'console.log("SAFE");\n',
- expectedArgvIndex: 2,
- },
 {
 name: "pnpm exec tsx file",
 argv: ["pnpm", "exec", "tsx", "./run.ts"],
@@ -663,27 +532,6 @@ describe("hardenApprovedExecutionPaths", () => {
 initialBody: 'console.log("SAFE");\n',
 expectedArgvIndex: 3,
 },
- {
- name: "pnpm parallel exec tsx file",
- argv: ["pnpm", "--parallel", "exec", "tsx", "./run.ts"],
- scriptName: "run.ts",
- initialBody: 'console.log("SAFE");\n',
- expectedArgvIndex: 4,
- },
- {
- name: "pnpm workspace-root exec tsx file",
- argv: ["pnpm", "-w", "exec", "tsx", "./run.ts"],
- scriptName: "run.ts",
- initialBody: 'console.log("SAFE");\n',
- expectedArgvIndex: 4,
- },
- {
- name: "pnpm workspace-root dlx tsx file",
- argv: ["pnpm", "-w", "dlx", "tsx", "./run.ts"],
- scriptName: "run.ts",
- initialBody: 'console.log("SAFE");\n',
- expectedArgvIndex: 4,
- },
 {
 name: "pnpm dlx tsx file",
 argv: ["pnpm", "dlx", "tsx", "./run.ts"],
@@ -691,20 +539,6 @@ describe("hardenApprovedExecutionPaths", () => {
 initialBody: 'console.log("SAFE");\n',
 expectedArgvIndex: 3,
 },
- {
- name: "pnpm global double-dash dlx tsx file",
- argv: ["pnpm", "--", "dlx", "tsx", "./run.ts"],
- scriptName: "run.ts",
- initialBody: 'console.log("SAFE");\n',
- expectedArgvIndex: 4,
- },
- {
- name: "pnpm pre-dlx package-equals tsx file",
- argv: ["pnpm", "--package=tsx", "dlx", "tsx", "./run.ts"],
- scriptName: "run.ts",
- initialBody: 'console.log("SAFE");\n',
- expectedArgvIndex: 4,
- },
 {
 name: "pnpm reporter dlx package tsx file",
 argv: ["pnpm", "--reporter", "silent", "dlx", "--package", "tsx", "tsx", "./run.ts"],
@@ -712,20 +546,6 @@ describe("hardenApprovedExecutionPaths", () => {
 initialBody: 'console.log("SAFE");\n',
 expectedArgvIndex: 7,
 },
- {
- name: "pnpm reporter dlx short-package tsx file",
- argv: ["pnpm", "--reporter", "silent", "dlx", "-p", "tsx", "tsx", "./run.ts"],
- scriptName: "run.ts",
- initialBody: 'console.log("SAFE");\n',
- expectedArgvIndex: 7,
- },
- {
- name: "pnpm silent dlx tsx file",
- argv: ["pnpm", "dlx", "-s", "tsx", "./run.ts"],
- scriptName: "run.ts",
- initialBody: 'console.log("SAFE");\n',
- expectedArgvIndex: 4,
- },
 {
 name: "pnpm reporter exec tsx file",
 argv: ["pnpm", "--reporter", "silent", "exec", "tsx", "./run.ts"],
@@ -733,13 +553,6 @@ describe("hardenApprovedExecutionPaths", () => {
 initialBody: 'console.log("SAFE");\n',
 expectedArgvIndex: 5,
 },
- {
- name: "pnpm reporter-equals exec tsx file",
- argv: ["pnpm", "--reporter=silent", "exec", "tsx", "./run.ts"],
- scriptName: "run.ts",
- initialBody: 'console.log("SAFE");\n',
- expectedArgvIndex: 4,
- },
 {
 name: "pnpm js shim exec tsx file",
 argv: ["./pnpm.js", "exec", "tsx", "./run.ts"],
@@ -763,21 +576,6 @@ describe("hardenApprovedExecutionPaths", () => {
 expectedArgvIndex: 2,
 binNames: ["pnpm", "node"],
 },
- {
- name: "pnpm node double-dash file",
- argv: ["pnpm", "node", "--", "./run.js"],
- scriptName: "run.js",
- initialBody: 'console.log("SAFE");\n',
- expectedArgvIndex: 3,
- binNames: ["pnpm", "node"],
- },
- {
- name: "npx tsx file",
- argv: ["npx", "tsx", "./run.ts"],
- scriptName: "run.ts",
- initialBody: 'console.log("SAFE");\n',
- expectedArgvIndex: 2,
- },
 {
 name: "bunx tsx file",
 argv: ["bunx", "tsx", "./run.ts"],