mirrors/hermes-agent
1
0
Fork 0
mirror of https://github.com/NousResearch/hermes-agent.git synced 2026-04-26 01:01:40 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 5
hermes-agent/tests/tools
History
0xbyt4 2efd9bbac4 fix: resolve symlink bypass in write deny list on macOS 
On macOS, /etc is a symlink to /private/etc. The _is_write_denied()
function resolves the input path with os.path.realpath() but the deny
list entries were stored as literal strings ("/etc/shadow"). This meant
the resolved path "/private/etc/shadow" never matched, allowing writes
to sensitive system files on macOS.

Fix: Apply os.path.realpath() to deny list entries at module load time
so both sides of the comparison use resolved paths.

Adds 19 regression tests in tests/tools/test_write_deny.py.
2026-02-26 13:30:55 +03:00
..
__init__.py test: reorganize test structure and add missing unit tests 2026-02-26 03:20:08 +03:00
test_approval.py test: reorganize test structure and add missing unit tests 2026-02-26 03:20:08 +03:00
test_code_execution.py test: reorganize test structure and add missing unit tests 2026-02-26 03:20:08 +03:00
test_delegate.py test: reorganize test structure and add missing unit tests 2026-02-26 03:20:08 +03:00
test_file_tools.py test: enhance session source tests and add validation for chat types 2026-02-26 00:53:57 -08:00
test_fuzzy_match.py test: reorganize test structure and add missing unit tests 2026-02-26 03:20:08 +03:00
test_interrupt.py test: reorganize test structure and add missing unit tests 2026-02-26 03:20:08 +03:00
test_patch_parser.py test: reorganize test structure and add missing unit tests 2026-02-26 03:20:08 +03:00
test_registry.py test: reorganize test structure and add missing unit tests 2026-02-26 03:20:08 +03:00
test_todo_tool.py test: reorganize test structure and add missing unit tests 2026-02-26 03:20:08 +03:00
test_write_deny.py fix: resolve symlink bypass in write deny list on macOS 2026-02-26 13:30:55 +03:00