Set exclude to true by default in app server #8281
Conversation
|
All contributors have signed the CLA ✍️ ✅ |
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
codex-rs/app-server/src/lib.rs
Outdated
| // Allow app-server clients to inherit KEY/SECRET/TOKEN env vars. | ||
| cli_kv_overrides.push(( | ||
| "shell_environment_policy.ignore_default_excludes".to_string(), | ||
| TomlValue::Boolean(true), |
There was a problem hiding this comment.
This override unconditionally sets shell_environment_policy.ignore_default_excludes=true, so even if a user config (or -c override) keeps it false, the app-server will skip the default KEY/SECRET/TOKEN filter. In core/src/exec_env.rs, this flag controls removal of *KEY*/*SECRET*/*TOKEN* variables before spawning shell/local_shell commands; with the new behavior, app-server always passes those secrets into subprocess environments, which can leak API keys when app-server is used with untrusted commands or relaxed approvals. Consider honoring the configured value or gating this override behind an explicit opt-in.
Useful? React with 👍 / 👎.
ambrosino-oai
changed the title
|
I have read the CLA Document and I hereby sign the CLA |
No description provided.