lzh/picoclaw
1
0
Fork 0
mirror of https://github.com/sipeed/picoclaw.git synced 2026-06-12 18:08:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

security: add open-by-default warning and '*' allow_from support

Browse Source
This commit is contained in:
Badgerbees
2026-03-27 20:04:21 +07:00
parent 76cd7f8ad5
commit 8d5fc736d6
1 changed files with 16 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
pkg/channels/base.go
+16 -1
View File
@@ -112,6 +112,18 @@ func NewBaseChannel(
for _, opt := range opts {
opt(bc)
}
// Security Audit: Check for open-by-default (unsecured) channels.
// PicoClaw aims to be secure-by-default. If allow_from is empty, the bot
// currently defaults to accepting messages from ANYONE. To explicitly
// acknowledge and permit this (e.g. for a public bot), use ["*"].
if len(bc.allowList) == 0 {
logger.WarnCF("channels", "SECURITY: Channel allows EVERYONE (allow_from is empty)", map[string]any{
"channel": bc.name,
"hint": "Set allow_from to your ID, or use '*' to explicitly acknowledge open access.",
})
}
return bc
}
@@ -187,6 +199,9 @@ func (c *BaseChannel) IsAllowed(senderID string) bool {
}
for _, allowed := range c.allowList {
if allowed == "*" {
return true
}
// Strip leading "@" from allowed value for username matching
trimmed := strings.TrimPrefix(allowed, "@")
allowedID := trimmed
@@ -221,7 +236,7 @@ func (c *BaseChannel) IsAllowedSender(sender bus.SenderInfo) bool {
}
for _, allowed := range c.allowList {
if identity.MatchAllowed(sender, allowed) {
if allowed == "*" || identity.MatchAllowed(sender, allowed) {
return true
}
}