mirrors/hermes-agent
1
0
Fork 0
mirror of https://github.com/NousResearch/hermes-agent.git synced 2026-04-27 01:11:40 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 5
hermes-agent/tests
History
0xbyt4 2efd9bbac4 fix: resolve symlink bypass in write deny list on macOS 
On macOS, /etc is a symlink to /private/etc. The _is_write_denied()
function resolves the input path with os.path.realpath() but the deny
list entries were stored as literal strings ("/etc/shadow"). This meant
the resolved path "/private/etc/shadow" never matched, allowing writes
to sensitive system files on macOS.

Fix: Apply os.path.realpath() to deny list entries at module load time
so both sides of the comparison use resolved paths.

Adds 19 regression tests in tests/tools/test_write_deny.py.
2026-02-26 13:30:55 +03:00
..
gateway test: enhance session source tests and add validation for chat types 2026-02-26 00:53:57 -08:00
hermes_cli test: enhance session source tests and add validation for chat types 2026-02-26 00:53:57 -08:00
integration test: reorganize test structure and add missing unit tests 2026-02-26 03:20:08 +03:00
tools fix: resolve symlink bypass in write deny list on macOS 2026-02-26 13:30:55 +03:00
__init__.py A bit of restructuring for simplicity and organization 2025-10-01 23:29:25 +00:00
conftest.py test: reorganize test structure and add missing unit tests 2026-02-26 03:20:08 +03:00