openclaw/docs/internal/codex/2026-03-29-exec-target-override-fix.md
2026-04-03 02:37:12 +09:00

| title | summary | author | github_username | created |
| --- | --- | --- | --- | --- |
| Exec target override bypass fix | Hardened exec target resolution so auto defaults no longer allow model-requested host overrides. | Codex <codex@openai.com> | codex | 2026-03-29 |

Investigated a high-severity regression in exec target resolution.

What changed:

  • Confirmed current behavior allowed configuredTarget=auto with requestedTarget=gateway/node, which selects host execution even when sandbox is available.
  • Restored fail-closed allowlist behavior by requiring requested target to exactly match configured target.
  • Updated the runtime unit test to verify host overrides are rejected when configured target is auto.

Why:

  • auto should choose runtime host automatically, not grant untrusted host-selection overrides.
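
The permissive check next to the exact-match check described above, as an added example that is not OpenClaw's own code. The function names, the `Resolution` type, the `sandbox` target value and the gateway fallback when no sandbox exists are assumptions made for illustration.

```typescript
// Added illustration; names and types are hypothetical, not OpenClaw's source.
type ExecTarget = "auto" | "sandbox" | "gateway" | "node";

interface Resolution {
  ok: boolean;
  target?: ExecTarget;
  reason?: string;
}

// "Before": auto is treated as a wildcard, so any requested target is accepted.
function resolveLenient(configured: ExecTarget, requested?: ExecTarget): Resolution {
  if (requested === undefined || requested === configured || configured === "auto") {
    return { ok: true, target: requested ?? configured };
  }
  return { ok: false, reason: `requested ${requested} != configured ${configured}` };
}

// "After": fail closed. A request is honoured only if it equals the configured
// value exactly, so the caller can never widen what the operator configured.
function resolveStrict(configured: ExecTarget, requested?: ExecTarget): Resolution {
  if (requested !== undefined && requested !== configured) {
    return { ok: false, reason: `requested ${requested} != configured ${configured}` };
  }
  return { ok: true, target: configured };
}

// auto is expanded by the runtime only, after the request has been validated.
// Assumption: fall back to gateway when no sandbox is available.
function pickRuntimeHost(
  target: ExecTarget,
  sandboxAvailable: boolean,
): Exclude<ExecTarget, "auto"> {
  if (target !== "auto") return target;
  return sandboxAvailable ? "sandbox" : "gateway";
}

// Constructed cases: configured target is auto and a sandbox is available.
for (const requested of ["gateway", "node", "auto", undefined] as const) {
  const before = resolveLenient("auto", requested);
  const after = resolveStrict("auto", requested);
  const host = after.ok ? pickRuntimeHost(after.target ?? "auto", true) : "rejected";
  console.log(`${requested ?? "(none)"}: before=${before.target} after=${host}`);
}
```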