Peter Steinberger
|
14c052a256
|
refactor: share host env git exploit helpers
|
2026-03-13 20:19:38 +00:00 |
|
Peter Steinberger
|
eb32f42b53
|
test: harden restart sentinel and host env coverage
|
2026-03-13 19:36:49 +00:00 |
|
Vincent Koc
|
276ee259ca
|
Tests: clean up temp git helper directory
|
2026-03-12 01:42:12 -04:00 |
|
Vincent Koc
|
1dcef7b644
|
Infra: block GIT_EXEC_PATH in host env sanitizer (#43685)
* Infra: block GIT_EXEC_PATH in host env sanitizer
* Changelog: note host env hardening
|
2026-03-12 01:16:03 -04:00 |
|
Vincent Koc
|
b48291e01e
|
Exec: mark child command env with OPENCLAW_CLI (#41411)
|
2026-03-09 19:14:08 -04:00 |
|
Peter Steinberger
|
e27bbe4982
|
fix(exec): block dangerous override-only env pivots
|
2026-03-07 19:18:05 +00:00 |
|
Peter Steinberger
|
9a4b2266cc
|
fix(security): bind node system.run approvals to env
|
2026-02-26 16:38:07 +01:00 |
|
Peter Steinberger
|
e80c803fa8
|
fix(security): block shell env allowlist bypass in system.run
|
2026-02-22 12:47:05 +01:00 |
|
Peter Steinberger
|
c2c7114ed3
|
fix(security): block HOME and ZDOTDIR env override injection
|
2026-02-22 09:42:55 +01:00 |
|
Peter Steinberger
|
25e89cc863
|
fix(security): harden shell env fallback
|
2026-02-21 20:01:08 +01:00 |
|
Peter Steinberger
|
f202e73077
|
refactor(security): centralize host env policy and harden env ingestion
|
2026-02-21 13:04:39 +01:00 |
|
Peter Steinberger
|
2cdbadee1f
|
fix(security): block startup-file env injection across host execution paths
|
2026-02-21 11:44:20 +01:00 |
|