spawn

vrr/spawn

mirror of https://github.com/OpenRouterTeam/spawn.git synced 2026-05-11 05:00:07 +00:00

History

A 07ff397ee5 security: add SSH key path validation to aws/lib/common.sh (#1414 ) Add validation in ensure_ssh_key() to prevent path traversal and arbitrary file upload attacks: - Validate public key file exists and is a regular file - Reject symlinks to prevent reading sensitive system files - Enforce 10KB size limit (SSH pubkeys are ~100-600 bytes) Fixes #1407 Agent: complexity-hunter Co-authored-by: B <6723574+louisgv@users.noreply.github.com> Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>	2026-02-17 12:54:09 -05:00
..
common.sh	security: add SSH key path validation to aws/lib/common.sh (#1414 )	2026-02-17 12:54:09 -05:00

security: add SSH key path validation to aws/lib/common.sh (#1414 )

Add validation in ensure_ssh_key() to prevent path traversal and
arbitrary file upload attacks:
- Validate public key file exists and is a regular file
- Reject symlinks to prevent reading sensitive system files
- Enforce 10KB size limit (SSH pubkeys are ~100-600 bytes)

Fixes #1407

Agent: complexity-hunter

Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>

2026-02-17 12:54:09 -05:00

common.sh

security: add SSH key path validation to aws/lib/common.sh (#1414 )

2026-02-17 12:54:09 -05:00