fix(sandbox): verify a sandbox's identity before sending a token#124
fix(sandbox): verify a sandbox's identity before sending a token#124jedisct1 wants to merge 10 commits into
Conversation
Connecting to a sandbox sent its acccess token to whatever server answered, without first checking the server was really the sandbox. Anyone able to intercept the connection could pose as the sandbox, get the token and use it to reach the real sandbox. Not great. Fix that by remembering each sandbox the first time it connects, and checking that identity on later connections. Both when using the command line and through the SDK. This stays mostly invisible in practice: the trusted identities are stored in ~/.config/bunny/sandbox_known_hosts, which is filled in automatically on first contact, including when a sandbox is created.
|
@codex review |
🦋 Changeset detectedLatest commit: 9651b16 The changes in this PR will be included in the next version bump. This PR includes changesets to release 7 packages
Not sure what this means? Click here to learn what changesets are. Click here if you're a maintainer who wants to add another changeset to this PR |
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 9e6dbb5786
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
Fixes copilot review
Fixes review from bot
jamie-at-bunny
left a comment
There was a problem hiding this comment.
This looks good to me! Thank you so much for the contribution @jedisct1, great you found what's upcoming 😄
@amir-at-bunny I'll leave this to you to review and merge.
amir-at-bunny
left a comment
There was a problem hiding this comment.
@jedisct1 thank you so much for the contribution! :) left some comments.
* main: feat(sandbox): runCommand timeout/AbortSignal and file ops (BunnyWay#122) # Conflicts: # packages/sandbox/src/errors.ts # packages/sandbox/src/index.ts # packages/sandbox/src/transport.ts
Connecting to a sandbox sent its acccess token to whatever server answered, without first checking the server was really the sandbox.
Anyone able to intercept the connection could pose as the sandbox, get the token and use it to reach the real sandbox. Not great.
Fix that by remembering each sandbox the first time it connects, and checking that identity on later connections.
Both when using the command line and through the SDK.
This stays mostly invisible in practice: the trusted identities are stored in ~/.config/bunny/sandbox_known_hosts, which is filled in automatically on first contact, including when a sandbox is created.