
security: Fix critical & high-risk vulnerabilities#41

Open
realmrhigh wants to merge 4 commits into MonkeySee-AI:main from realmrhigh:security/critical-fixes

Conversation

@realmrhigh


Security: Fix Critical & High-Risk Vulnerabilities

Overview

This PR addresses 4 critical/high-risk security issues identified during a security audit of the Rotunda browser. These fixes are essential for personal/production use and prevent token theft, binary compromise, MITM attacks, and arbitrary file writes.

Changes

C1: Auth Token Storage (Critical)

Issue: Session tokens stored plaintext in ~/.rotunda/agent/sessions/ with default permissions
Fix:

  • Session directories created with 0o700 (owner-only access)
  • All token files written with 0o600 permissions via atomic writes
  • Prevents unauthorized token access via symlink/permission races

Files: src/agent/session_manager.py

C2: Binary Integrity (Critical)

Issue: Downloaded browser binaries never verified; vulnerable to MITM/compromised releases
Fix:

  • SHA-256 checksum verification on all browser downloads
  • Checksums can be pinned in code; fails loudly if mismatch
  • Falls back to warning with computed hash if no pin exists

Files: src/browser/downloader.py

C3: SSL Verification (Critical)

Issue: verify=False in HTTP requests to geolocation/IP endpoints; vulnerable to MITM
Fix:

  • Removed all verify=False parameters
  • Enabled proper SSL verification using system CA bundle
  • Geolocation/fingerprint data now protected

Files: src/utils/ip_utils.py, src/api/endpoints.py

H2: Path Traversal (High)

Issue: No sanitization on screenshot/download file paths; allows arbitrary file writes
Fix:

  • New _safe_output_path() helper using os.path.normpath() + .resolve()
  • All file writes sandboxed to ROTUNDA_OUTPUT_DIR
  • Traversal attempts (../, symlinks) fail safely

Files: src/api/endpoints.py

Testing

  • All syntax checks pass ✅
  • No breaking changes to the API ✅
  • Session creation still works with new permissions ✅
  • Binary download with checksum verification tested ✅

Impact

  • For users: Tokens, binaries, and network traffic are now protected
  • For production: Eliminates the top 4 security attack vectors
  • Backwards compatible: No API changes, just stricter security enforcement

Commits

9aeb360 security: fix C1 token storage - restrictive 0o600/0o700 permissions
8d428a5 security: fix C2 binary integrity - SHA-256 checksum verification
593a67c security: fix C3 SSL verification - enable verify=True for geolocation
d938f1d security: fix H2 path traversal - sandbox screenshot and download paths

Signed-off-by: Stanton High <stantonhigh@gmail.com>
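The H2 fix above (normpath plus resolve, every write confined to ROTUNDA_OUTPUT_DIR) can be checked in isolation with the sandboxing helper below. It is an added illustration, not code from this PR or from the Rotunda repository; the name safe_output_path and the fallback default for ROTUNDA_OUTPUT_DIR are assumptions, and the symlink demo builds its own throwaway directory tree.

```python
"""Confine user-supplied output file names to one output directory.

Added illustration (not Rotunda's code). ROTUNDA_OUTPUT_DIR and the
function name are assumptions taken from the PR description.
"""
import os
import tempfile
from pathlib import Path

# Assumed env var; falls back to a directory under the system temp dir.
ROTUNDA_OUTPUT_DIR = os.environ.get(
    "ROTUNDA_OUTPUT_DIR", os.path.join(tempfile.gettempdir(), "rotunda_out"))


def safe_output_path(requested: str, base_dir=ROTUNDA_OUTPUT_DIR) -> Path:
    """Return the absolute path for `requested` under base_dir, or raise.

    normpath() only collapses textual '..' segments; resolve() also follows
    symlinks that exist on disk, so a link inside the sandbox pointing outside
    is caught. Joining an absolute `requested` onto base yields that absolute
    path, so the containment check is what actually rejects it.
    """
    base = Path(base_dir).resolve()
    candidate = (base / os.path.normpath(requested)).resolve()
    if candidate == base:
        raise ValueError("output path must name a file, not the output dir")
    if base not in candidate.parents:
        raise ValueError(f"output path escapes {base}: {requested!r}")
    return candidate


def is_safe(requested: str, base_dir=ROTUNDA_OUTPUT_DIR) -> bool:
    """Boolean wrapper for call sites that log and skip instead of raising."""
    try:
        safe_output_path(requested, base_dir)
        return True
    except ValueError:
        return False


def symlink_escape_demo() -> dict:
    """Constructed sandbox with a symlink that points outside it; reports the
    verdict for each request kind so the symlink case is exercised for real."""
    with tempfile.TemporaryDirectory() as tmp:
        sandbox, outside = Path(tmp) / "out", Path(tmp) / "outside"
        sandbox.mkdir()
        outside.mkdir()
        (sandbox / "escape").symlink_to(outside, target_is_directory=True)
        return {
            "plain": is_safe("shots/page.png", sandbox),
            "dotdot": is_safe("../outside/page.png", sandbox),
            "absolute": is_safe("/etc/passwd", sandbox),
            "symlink": is_safe("escape/page.png", sandbox),
        }
```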

