Skip to content

Commit 3cfdcf8

Browse files
Mossakaclaude
Mossaka
and
claude
committed
fix(test): verify /host paths are inaccessible in chroot mode
AWF always runs in chroot mode (chroot /host), so /host$HOME/... paths don't exist inside the container. Changed the test from expecting 0-byte files at /host paths to verifying those paths are inaccessible, which is the correct security assertion for chroot mode. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
1 parent 03ad6ac commit 3cfdcf8

File tree

1 file changed

+7
-10
lines changed

1 file changed

+7
-10
lines changed

tests/integration/credential-hiding.test.ts

Lines changed: 7 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -315,14 +315,15 @@ describe('Credential Hiding Security', () => {
315315
expect(lines.length).toBe(untestedPaths.length);
316316
}, 120000);
317317

318-
test('All untested credential files are hidden at /host path (0 bytes)', async () => {
318+
test('All untested credential files are inaccessible at /host path (chroot prevents access)', async () => {
319319
const homeDir = os.homedir();
320320
const paths = untestedPaths.map(p => `/host${homeDir}/${p.path}`).join(' ');
321321

322-
// Use [ -e ] instead of [ -f ] because /dev/null-mounted files are
323-
// character special devices, not regular files
322+
// AWF always runs in chroot mode (chroot /host), so /host$HOME/... paths
323+
// don't exist inside the container — they're already inside the chroot.
324+
// This verifies that credentials can't be exfiltrated via /host prefix paths.
324325
const result = await runner.runWithSudo(
325-
`sh -c 'for f in ${paths}; do if [ -e "$f" ]; then wc -c "$f"; fi; done 2>&1 || true'`,
326+
`sh -c 'count=0; for f in ${paths}; do if [ -e "$f" ]; then count=$((count+1)); fi; done; echo "accessible: $count"'`,
326327
{
327328
allowDomains: ['github.com'],
328329
logLevel: 'debug',
@@ -332,12 +333,8 @@ describe('Credential Hiding Security', () => {
332333

333334
expect(result).toSucceed();
334335
const cleanOutput = extractCommandOutput(result.stdout);
335-
const lines = cleanOutput.split('\n').filter(l => l.match(/^\s*\d+/));
336-
lines.forEach(line => {
337-
const size = parseInt(line.trim().split(/\s+/)[0]);
338-
expect(size).toBe(0);
339-
});
340-
expect(lines.length).toBe(untestedPaths.length);
336+
// No files should be accessible at /host paths inside chroot
337+
expect(cleanOutput).toContain('accessible: 0');
341338
}, 120000);
342339

343340
test('cat on each untested credential file returns empty content', async () => {

0 commit comments

Comments
 (0)