Security: sanitize inherited host exec env

This commit is contained in:
Brian Mendonca
2026-02-24 12:09:42 -07:00
committed by Peter Steinberger
parent 9514201fb9
commit 48b052322b
3 changed files with 43 additions and 1 deletions


@@ -29,6 +29,23 @@ import {
import { buildCursorPositionResponse, stripDsrRequests } from "./pty-dsr.js";
import { getShellConfig, sanitizeBinaryOutput } from "./shell-utils.js";
// Sanitize inherited host env before merge so dangerous variables from process.env
// are not propagated into non-sandboxed executions.
export function sanitizeHostBaseEnv(env: Record<string, string>): Record<string, string> {
const sanitized: Record<string, string> = {};
for (const [key, value] of Object.entries(env)) {
const upperKey = key.toUpperCase();
if (upperKey === "PATH") {
sanitized[key] = value;
continue;
}
if (isDangerousHostEnvVarName(upperKey)) {
continue;
}
sanitized[key] = value;
}
return sanitized;
}
// Centralized sanitization helper.
// Throws an error if dangerous variables or PATH modifications are detected on the host.
export function validateHostEnv(env: Record<string, string>): void {