| tiêu đề | nextlevelbuilder GoClaw 3.13.2 Incorrect Authorization (CWE-863) |
|---|
| Mô tả | # Technical Details
An authorization bypass exists in the `exec` approval flow in `internal/tools/exec_approval.go` of GoClaw.
The application uses only the basename (`filepath.Base`) of the command as the trust key in the `alwaysAllow` map. When an operator approves a pathless command like `canary-bin` with `always=true`, a later path-scoped command such as `./canary-bin` or `/tmp/canary-bin` is accepted without a second approval because they all normalize to the same cache key `canary-bin`, even though they resolve to different executables.
# Vulnerable Code
File: internal/tools/exec_approval.go
Method: extractBin() / RequestApproval() / matchesAllowlist()
Why: `extractBin()` calls `filepath.Base(fields[0])`, collapsing `canary-bin`, `./canary-bin`, and `/tmp/canary-bin` all to the same key `canary-bin`. `RequestApproval()` stores `always=true` trust decisions under this basename-only key. Later `matchesAllowlist()` reuses the same key, so a different path-scoped executable from the caller-controlled working directory satisfies the previously granted trust without a new approval.
# Reproduction
1. Configure `tools.execApproval.security=allowlist` and `tools.execApproval.ask=on-miss` with an empty allowlist.
2. Seed `PATH` with a benign `canary-bin` that prints `PATH_OK`.
3. Place a different `./canary-bin` in the workspace that writes `BYPASS_CONFIRMED`.
4. Invoke `canary-bin` via `POST /v1/tools/invoke` and approve the pending request with `always=true`.
5. Invoke `./canary-bin` via the same endpoint — it succeeds immediately with no second approval, executing the workspace binary.
# Impact
- Attackers can reuse one `allow-always` approval for a pathless executable to execute attacker-chosen binaries from a writable workspace on the host.
- Bypasses the intended human confirmation boundary in deployments relying on `allowlist + ask=on-miss` approval mode.
- Allows unauthorized host command execution by subverting the exec approval policy. |
|---|
| Nguồn | ⚠️ https://github.com/nextlevelbuilder/goclaw/issues/1216 |
|---|
| Người dùng | Eric-g (UID 96879) |
|---|
| Đệ trình | 12/06/2026 10:54 (cách đây 1 tháng) |
|---|
| Kiểm duyệt | 17/07/2026 17:57 (1 month later) |
|---|
| Trạng thái | được chấp nhận |
|---|
| Mục VulDB | 379831 [nextlevelbuilder GoClaw đến 3.13.2 exec_approval.go extractBin/RequestApproval/matchesAllowlist nâng cao đặc quyền] |
|---|
| điểm | 20 |
|---|