fix(security): include dangerous commands in audit known commands (#7… · openclaw/openclaw@7e5c375
openclaw-clo
·
2026-04-29
·
via Recent Commits to openclaw:main
| Original file line number | Diff line number | Diff line change |
|---|
@@ -13,6 +13,7 @@ Docs: https://docs.openclaw.ai
|
13 | 13 | |
14 | 14 | ### Fixes |
15 | 15 | |
| 16 | +- Security/audit: recognize dangerous node command IDs as valid `gateway.nodes.denyCommands` entries, so audit only warns on real typos or unsupported patterns. (#56923) Thanks @chziyue. |
16 | 17 | - Telegram/exec approvals: stop treating general Telegram chat allowlists and `defaultTo` routes as native exec approvers; Telegram now uses explicit `execApprovals.approvers` or owner identity from `commands.ownerAllowFrom`, matching the first-pairing owner bootstrap path. Thanks @pashpashpash. |
17 | 18 | - Chat commands: route sensitive group `/diagnostics` and `/export-trajectory` approvals and results to a private owner route, preferring same-surface DMs before falling back to the first configured owner route, so Discord group invocations can land in Telegram when that is the primary owner interface. Thanks @pashpashpash. |
18 | 19 | - Plugin SDK/Discord: restore a deprecated `openclaw/plugin-sdk/discord` compatibility facade and the legacy compat group-policy warning export for the published `@openclaw/discord@2026.3.13` package, covering its config, account, directory, status, and thread-binding imports while keeping new plugins on generic SDK subpaths. Fixes #73685; supersedes #73703. Thanks @rderickson9 and @SymbolStar. |
|
| Original file line number | Diff line number | Diff line change |
|---|
@@ -190,6 +190,12 @@ function listKnownNodeCommands(cfg: OpenClawConfig): Set<string> {
|
190 | 190 | } |
191 | 191 | } |
192 | 192 | } |
| 193 | +for (const cmd of DEFAULT_DANGEROUS_NODE_COMMANDS) { |
| 194 | +const normalized = normalizeNodeCommand(cmd); |
| 195 | +if (normalized) { |
| 196 | +out.add(normalized); |
| 197 | +} |
| 198 | +} |
193 | 199 | return out; |
194 | 200 | } |
195 | 201 | |
|
| Original file line number | Diff line number | Diff line change |
|---|
@@ -56,6 +56,18 @@ describe("security audit node command findings", () => {
|
56 | 56 | detailIncludes: ["zzzzzzzzzzzzzz"], |
57 | 57 | detailExcludes: ["did you mean"], |
58 | 58 | }, |
| 59 | +{ |
| 60 | +name: "keeps valid dangerous denyCommands entries out of unknown warnings", |
| 61 | +cfg: { |
| 62 | +gateway: { |
| 63 | +nodes: { |
| 64 | +denyCommands: ["camera.snap", "screen.record", "camera.snapp", "system.*"], |
| 65 | +}, |
| 66 | +}, |
| 67 | +} satisfies OpenClawConfig, |
| 68 | +detailIncludes: ["camera.snapp", "system.*", "did you mean", "camera.snap"], |
| 69 | +detailExcludes: ["screen.record"], |
| 70 | +}, |
59 | 71 | ] as const; |
60 | 72 | |
61 | 73 | for (const testCase of cases) { |
@@ -73,6 +85,18 @@ describe("security audit node command findings", () => {
|
73 | 85 | } |
74 | 86 | }); |
75 | 87 | |
| 88 | +it("does not flag valid dangerous gateway.nodes.denyCommands entries as ineffective", () => { |
| 89 | +const findings = collectNodeDenyCommandPatternFindings({ |
| 90 | +gateway: { |
| 91 | +nodes: { |
| 92 | +denyCommands: ["camera.snap", "camera.clip", "screen.record", "sms.send"], |
| 93 | +}, |
| 94 | +}, |
| 95 | +} satisfies OpenClawConfig); |
| 96 | + |
| 97 | +expect(findings).toEqual([]); |
| 98 | +}); |
| 99 | + |
76 | 100 | it("evaluates dangerous gateway.nodes.allowCommands findings", () => { |
77 | 101 | const cases: Array<{ |
78 | 102 | name: string; |
|
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。