import fs from "node:fs" ;import path from "node:path" ;import { describe, expect, it } from "vitest" ;import { resolveAllowAlwaysPatternEntries } from "./exec-approvals-allowlist.js" ;import {"./exec-approvals-test-helpers.js" ;import {"./exec-approvals.js" ;import { matchAllowlist } from "./exec-command-resolution.js" ;"resolveAllowAlwaysPatterns" , () => {function makeExecutable(dir: string, name: string): string {const fileName = process.platform === "win32" ? `${name}.exe` : name;const exe = path.join(dir, fileName);"" );0 o755);return exe;function resolvePersistedPatterns(params: {typeof resolveSafeBins>;boolean ;const analysis = evaluateShellAllowlist({return {function expectAllowAlwaysBypassBlocked(params: {const safeBins = resolveSafeBins(undefined);const { persisted } = resolvePersistedPatterns({const second = evaluateShellAllowlist({false );"on-miss" ,"allowlist" ,true );function createShellScriptFixture() {const dir = makeTempDir();const scriptsDir = path.join(dir, "scripts" );true });const script = path.join(scriptsDir, "save_crystal.sh" );"echo ok\n" );const env = { PATH: `${dir}${path.delimiter}${process.env.PATH ?? "" }` };const safeBins = resolveSafeBins(undefined);return { dir, scriptsDir, script, env, safeBins };function expectPersistedShellScriptMatch(params: {typeof resolveSafeBins>;const { persisted } = resolvePersistedPatterns({const second = evaluateShellAllowlist({true );function expectShellScriptFallbackRejected(command: string) {const { dir, scriptsDir, script, env, safeBins } = createShellScriptFixture();const rcFile = path.join(scriptsDir, "evilrc" );"echo blocked\n" );const { persisted } = resolvePersistedPatterns({const second = evaluateShellAllowlist({false );function expectPositionalArgvCarrierResult(params: {boolean ;const dir = makeTempDir();const touch = makeExecutable(dir, "touch" );const env = { PATH: `${dir}${path.delimiter}${process.env.PATH ?? "" }` };const safeBins = resolveSafeBins(undefined);const marker = path.join(dir, "marker" );const command = params.command.replaceAll("{marker}" , marker);const { persisted } = resolvePersistedPatterns({if (params.expectPersisted) {else {const second = evaluateShellAllowlist({"returns direct executable paths for non-shell segments" , () => {const exe = path.join("/tmp" , "openclaw-tool" );const patterns = resolveAllowAlwaysPatterns({"openclaw-tool" ,"does not persist interpreter-like executables for allow-always" , () => {const awk = path.join("/tmp" , "awk" );const patterns = resolveAllowAlwaysPatterns({'{print $1}' data.csv`,"{print $1}" , "data.csv" ],"awk" ,"persists benign awk interpreters when strict inline-eval is enabled" , () => {if (process.platform === "win32" ) {return ;const dir = makeTempDir();const awk = makeExecutable(dir, "awk" );const env = makePathEnv(dir);const safeBins = resolveSafeBins(undefined);const { persisted } = resolvePersistedPatterns({"awk -F, -f script.awk data.csv" ,true ,const second = evaluateShellAllowlist({"awk -F, -f script.awk data.csv" ,true );"keeps Windows strict inline-eval interpreter approvals argv-bound" , () => {const awk = "C:\\temp\\awk.exe" ;const resolution = makeMockCommandResolution({"awk" ,const entries = resolveAllowAlwaysPatternEntries({"-F" , "," , "-f" , "script.awk" , "data.csv" ],"win32" ,true ,null ,"-F" , "," , "-f" , "script.awk" , "data.csv" ],"win32" ,null ,"-f" , "other.awk" , "secrets.csv" ],"win32" ,"keeps inline awk programs out of allow-always persistence in strict inline-eval mode" , () => {if (process.platform === "win32" ) {return ;const dir = makeTempDir();"awk" );const env = makePathEnv(dir);const safeBins = resolveSafeBins(undefined);const { persisted } = resolvePersistedPatterns({'BEGIN{system("id > ${path.join(dir, "marker")}")}' `,true ,"unwraps shell wrappers and persists the inner executable instead" , () => {if (process.platform === "win32" ) {return ;const dir = makeTempDir();const whoami = makeExecutable(dir, "whoami" );const patterns = resolveAllowAlwaysPatterns({"/bin/zsh -lc 'whoami'" ,"/bin/zsh" , "-lc" , "whoami" ],"/bin/zsh" ,"/bin/zsh" ,"zsh" ,"/bin/zsh" );"extracts all inner binaries from shell chains and deduplicates" , () => {if (process.platform === "win32" ) {return ;const dir = makeTempDir();const whoami = makeExecutable(dir, "whoami" );const ls = makeExecutable(dir, "ls" );const patterns = resolveAllowAlwaysPatterns({"/bin/zsh -lc 'whoami && ls && whoami'" ,"/bin/zsh" , "-lc" , "whoami && ls && whoami" ],"/bin/zsh" ,"/bin/zsh" ,"zsh" ,new Set(patterns)).toEqual(new Set([whoami, ls]));"persists shell script paths for wrapper invocations without inline commands" , () => {if (process.platform === "win32" ) {return ;const { dir, scriptsDir, script, env, safeBins } = createShellScriptFixture();"bash scripts/save_crystal.sh" ,const other = path.join(scriptsDir, "other.sh" );"echo other\n" );const third = evaluateShellAllowlist({"bash scripts/other.sh" ,false );"matches persisted shell script paths through dispatch wrappers" , () => {if (process.platform === "win32" ) {return ;const { dir, script, env, safeBins } = createShellScriptFixture();"/usr/bin/nice bash scripts/save_crystal.sh" ,"rejects shell rc and init-file options as persisted or allowlisted script paths" , () => {if (process.platform === "win32" ) {return ;for (const command of ["bash --rcfile scripts/evilrc scripts/save_crystal.sh" ,"bash --init-file scripts/evilrc scripts/save_crystal.sh" ,"bash --startup-file scripts/evilrc scripts/save_crystal.sh" ,"rejects shell rc and init-file equals options as persisted or allowlisted script paths" , () => {if (process.platform === "win32" ) {return ;for (const command of ["bash --rcfile=scripts/evilrc scripts/save_crystal.sh" ,"bash --init-file=scripts/evilrc scripts/save_crystal.sh" ,"bash --startup-file=scripts/evilrc scripts/save_crystal.sh" ,"rejects shell-wrapper positional argv carriers" , () => {if (process.platform === "win32" ) {return ;'$0 "$1"' touch {marker}`,true ,"rejects exec positional argv carriers" , () => {if (process.platform === "win32" ) {return ;'exec -- "$0" "$1"' touch {marker}`,true ,"rejects positional argv carriers when $0 is single-quoted" , () => {if (process.platform === "win32" ) {return ;"'$0' " $1 "" touch {marker}`,false ,"rejects positional argv carriers when exec is separated from $0 by a newline" , () => {if (process.platform === "win32" ) {return ;"exec 0 \\"$1\\" " touch {marker}`, false ,"rejects positional argv carriers when inline command contains extra shell operations" , () => {if (process.platform === "win32" ) {return ;const dir = makeTempDir();const touch = makeExecutable(dir, "touch" );const env = { PATH: `${dir}${path.delimiter}${process.env.PATH ?? "" }` };const safeBins = resolveSafeBins(undefined);const marker = path.join(dir, "marker" );const { persisted } = resolvePersistedPatterns({'echo blocked; $0 "$1"' touch ${marker}`,const second = evaluateShellAllowlist({'echo blocked; $0 "$1"' touch ${marker}`,false );"does not treat inline shell commands as persisted script paths" , () => {if (process.platform === "win32" ) {return ;const { dir, script, env } = createShellScriptFixture();"bash scripts/save_crystal.sh" ,"bash -lc 'scripts/save_crystal.sh'" ,"does not treat stdin shell mode as a persisted script path" , () => {if (process.platform === "win32" ) {return ;const { dir, script, env } = createShellScriptFixture();"bash scripts/save_crystal.sh" ,"bash -s scripts/save_crystal.sh" ,"does not persist broad shell binaries when no inner command can be derived" , () => {const patterns = resolveAllowAlwaysPatterns({"/bin/zsh -s" ,"/bin/zsh" , "-s" ],"/bin/zsh" ,"/bin/zsh" ,"zsh" ,"detects shell wrappers even when unresolved executableName is a full path" , () => {if (process.platform === "win32" ) {return ;const dir = makeTempDir();const whoami = makeExecutable(dir, "whoami" );const patterns = resolveAllowAlwaysPatterns({"/usr/local/bin/zsh -lc whoami" ,"/usr/local/bin/zsh" , "-lc" , "whoami" ],"/usr/local/bin/zsh" ,"/usr/local/bin/zsh" ,"unwraps known dispatch wrappers before shell wrappers" , () => {if (process.platform === "win32" ) {return ;const dir = makeTempDir();const whoami = makeExecutable(dir, "whoami" );const patterns = resolveAllowAlwaysPatterns({"/usr/bin/nice /bin/zsh -lc whoami" ,"/usr/bin/nice" , "/bin/zsh" , "-lc" , "whoami" ],"/usr/bin/nice" ,"/usr/bin/nice" ,"nice" ,"/usr/bin/nice" );"unwraps time wrappers and persists the inner executable instead" , () => {if (process.platform === "win32" ) {return ;const dir = makeTempDir();const whoami = makeExecutable(dir, "whoami" );const patterns = resolveAllowAlwaysPatterns({"/usr/bin/time -p /bin/zsh -lc whoami" ,"/usr/bin/time" , "-p" , "/bin/zsh" , "-lc" , "whoami" ],"/usr/bin/time" ,"/usr/bin/time" ,"time" ,"/usr/bin/time" );"unwraps busybox/toybox shell applets and persists inner executables" , () => {if (process.platform === "win32" ) {return ;const dir = makeTempDir();const busybox = makeExecutable(dir, "busybox" );"toybox" );const whoami = makeExecutable(dir, "whoami" );const env = { PATH: `${dir}${path.delimiter}${process.env.PATH ?? "" }` };const patterns = resolveAllowAlwaysPatterns({"sh" , "-lc" , "whoami" ],"busybox" ,"fails closed for unsupported busybox/toybox applets" , () => {if (process.platform === "win32" ) {return ;const dir = makeTempDir();const busybox = makeExecutable(dir, "busybox" );const patterns = resolveAllowAlwaysPatterns({1 p`,"sed" , "-n" , "1p" ],"busybox" ,"fails closed for unresolved dispatch wrappers" , () => {const patterns = resolveAllowAlwaysPatterns({"sudo /bin/zsh -lc whoami" ,"sudo" , "/bin/zsh" , "-lc" , "whoami" ],"sudo" ,"/usr/bin/sudo" ,"sudo" ,"prevents allow-always bypass for busybox shell applets" , () => {if (process.platform === "win32" ) {return ;const dir = makeTempDir();const busybox = makeExecutable(dir, "busybox" );const echo = makeExecutable(dir, "echo" );"id" );const env = { PATH: `${dir}${path.delimiter}${process.env.PATH ?? "" }` };'echo warmup-ok' `,'id > marker' `,"prevents allow-always bypass for caffeinate wrapper chains" , () => {if (process.platform === "win32" ) {return ;const dir = makeTempDir();const echo = makeExecutable(dir, "echo" );"id" );const env = makePathEnv(dir);"/usr/bin/caffeinate -d -w 42 /bin/zsh -lc 'echo warmup-ok'" ,"/usr/bin/caffeinate -d -w 42 /bin/zsh -lc 'id > marker'" ,"prevents allow-always bypass for dispatch-wrapper + shell-wrapper chains" , () => {if (process.platform === "win32" ) {return ;const dir = makeTempDir();const echo = makeExecutable(dir, "echo" );"id" );const env = makePathEnv(dir);"/usr/bin/nice /bin/zsh -lc 'echo warmup-ok'" ,"/usr/bin/nice /bin/zsh -lc 'id > marker'" ,"prevents allow-always bypass for sandbox-exec wrapper chains" , () => {if (process.platform === "win32" ) {return ;const dir = makeTempDir();const echo = makeExecutable(dir, "echo" );"id" );const env = makePathEnv(dir);"/usr/bin/sandbox-exec -p '(deny default) (allow process*)' /bin/zsh -lc 'echo warmup-ok'" ,"/usr/bin/sandbox-exec -p '(allow default)' /bin/zsh -lc 'id > marker'" ,"prevents allow-always bypass for time wrapper chains" , () => {if (process.platform === "win32" ) {return ;const dir = makeTempDir();const echo = makeExecutable(dir, "echo" );"id" );const env = makePathEnv(dir);"/usr/bin/time -p /bin/zsh -lc 'echo warmup-ok'" ,"/usr/bin/time -p /bin/zsh -lc 'id > marker'" ,"prevents allow-always bypass for macOS dispatch-wrapper chains" , () => {if (process.platform !== "darwin" ) {return ;const dir = makeTempDir();const echo = makeExecutable(dir, "echo" );"id" );const env = makePathEnv(dir);"/usr/bin/arch -arm64 /bin/zsh -lc 'echo warmup-ok'" ,"/usr/bin/arch -arm64 /bin/zsh -lc 'id > marker-arch'" ,"/usr/bin/xcrun /bin/zsh -lc 'echo warmup-ok'" ,"/usr/bin/xcrun /bin/zsh -lc 'id > marker-xcrun'" ,"prevents allow-always bypass for awk interpreters" , () => {if (process.platform === "win32" ) {return ;const dir = makeTempDir();"awk" );const env = makePathEnv(dir);const safeBins = resolveSafeBins(undefined);const { persisted } = resolvePersistedPatterns({"awk '{print $1}' data.csv" ,const second = evaluateShellAllowlist({'BEGIN{system("id > ${path.join(dir, "marker")}")}' `,false );"on-miss" ,"allowlist" ,true );"prevents allow-always bypass for shell-carried awk interpreters" , () => {if (process.platform === "win32" ) {return ;const dir = makeTempDir();"awk" );const env = makePathEnv(dir);const safeBins = resolveSafeBins(undefined);const { persisted } = resolvePersistedPatterns({'$0 "$@"' awk '{print $1}' data.csv`,const second = evaluateShellAllowlist({'$0 "$@"' awk 'BEGIN{system("id > /tmp/pwned")}' `,false );"prevents allow-always bypass for script wrapper chains" , () => {if (process.platform !== "darwin" && process.platform !== "freebsd" ) {return ;const dir = makeTempDir();const echo = makeExecutable(dir, "echo" );"id" );const env = makePathEnv(dir);"/usr/bin/script -q /dev/null /bin/sh -lc 'echo warmup-ok'" ,"/usr/bin/script -q /dev/null /bin/sh -lc 'id > marker'" ,"does not persist comment-tailed payload paths that never execute" , () => {if (process.platform === "win32" ) {return ;const dir = makeTempDir();const benign = makeExecutable(dir, "benign" );"payload" );const env = makePathEnv(dir);"payload" ,"rejects positional carrier when carried executable is a dispatch wrapper" , () => {if (process.platform === "win32" ) {return ;const dir = makeTempDir();const envPath = makeExecutable(dir, "env" );const env = makePathEnv(dir);const safeBins = resolveSafeBins(undefined);const { persisted } = resolvePersistedPatterns({'$0 "$@"' env echo SAFE`,const second = evaluateShellAllowlist({'$0 "$@"' env BASH_ENV=/tmp/payload.sh bash -lc 'id > /tmp/pwned' `,false );"rejects positional carrier when carried executable is a shell wrapper" , () => {if (process.platform === "win32" ) {return ;const dir = makeTempDir();const bashPath = makeExecutable(dir, "bash" );const env = makePathEnv(dir);const safeBins = resolveSafeBins(undefined);const { persisted } = resolvePersistedPatterns({'$0 "$@"' bash -lc 'echo safe' `,const second = evaluateShellAllowlist({'$0 "$@"' bash -lc 'id > /tmp/pwned' `,false );"allows positional carriers for unknown carried executables when explicitly allowlisted" , () => {if (process.platform === "win32" ) {return ;const dir = makeTempDir();const xargsPath = makeExecutable(dir, "xargs" );const env = makePathEnv(dir);const safeBins = resolveSafeBins(undefined);const { persisted } = resolvePersistedPatterns({'$0 "$@"' xargs echo SAFE`,const second = evaluateShellAllowlist({'$0 "$@"' xargs sh -lc 'id > /tmp/pwned' `,true );
Messung V0.5 in Prozent C=100 H=99 G=99
¤ Dauer der Verarbeitung: 0.18 Sekunden
(vorverarbeitet am 2026-06-06)
¤ *© Formatika GbR, Deutschland
