Security: sanitize inherited host exec env

Brian Mendonca
2026-02-24 12:09:42 -07:00
committed by Peter Steinberger
parent 9514201fb9
commit 48b052322b
3 changed files with 43 additions and 1 deletions


@@ -25,6 +25,7 @@ import {
renderExecHostLabel,
resolveApprovalRunningNoticeMs,
runExecProcess,
sanitizeHostBaseEnv,
execSchema,
validateHostEnv,
} from "./bash-tools.exec-runtime.js";
@@ -359,7 +360,8 @@ export function createExecTool(
workdir = resolveWorkdir(rawWorkdir, warnings);
}
const baseEnv = coerceEnv(process.env);
const inheritedBaseEnv = coerceEnv(process.env);
const baseEnv = host === "sandbox" ? inheritedBaseEnv : sanitizeHostBaseEnv(inheritedBaseEnv);
// Logic: Sandbox gets raw env. Host (gateway/node) must pass validation.
// We validate BEFORE merging to prevent any dangerous vars from entering the stream.