wanwu/deer-flow
1
0
Fork 0
mirror of https://gitee.com/wanwujie/deer-flow synced 2026-04-20 21:04:45 +08:00
Code Issues Packages Projects Releases Wiki Activity
1,558 Commits 15 Branches 0 Tags
cfad26b6844371ff3d7d2a5485a6cc1eef464c12
Commit Graph

2 Commits

Author SHA1 Message Date
Willem Jiang
24a8ea76ee feat(sandbox): restrict risky absolute paths in local bash commands 
- validate absolute path usage in local-mode bash commands
- allow only /mnt/user-data virtual paths for user data access
- keep a small allowlist for system executable/device paths
- return clear permission errors for unsafe command paths
- add regression tests for bash path validation rules
 2026-03-05 22:13:06 +08:00
Willem Jiang
34e3f5c9d4 feat(sandbox): harden local file access and mask host paths 
- enforce local sandbox file tools to only accept /mnt/user-data paths
- add path traversal checks against thread workspace/uploads/outputs roots
- preserve requested virtual paths in tool error messages (no host path leaks)
- mask local absolute paths in bash output back to virtual sandbox paths
- update bash tool guidance to prefer thread-local venv + python -m pip
- add regression tests for path mapping, masking, and access restrictions

Fixes #968
 2026-03-05 22:07:45 +08:00