renato97/picoclaw
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: tighten file perms and enforce Slack ACL checks (#186)

Browse Source 
- write config and cron store with 0600 instead of 0644
- check allow list in Slack slash commands and app mentions
- pass workspace restrict flag to cron exec tool

Closes #179
This commit is contained in:
is-Xiaoen
2026-02-16 16:06:39 +08:00
committed by GitHub
parent 17685da584
commit 5c321a90de
7 changed files with 86 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
pkg/tools/cron.go
View File

@@ -28,12 +28,12 @@ type CronTool struct {
}
// NewCronTool creates a new CronTool
func NewCronTool(cronService *cron.CronService, executor JobExecutor, msgBus *bus.MessageBus, workspace string) *CronTool {
func NewCronTool(cronService *cron.CronService, executor JobExecutor, msgBus *bus.MessageBus, workspace string, restrict bool) *CronTool {
return &CronTool{
cronService: cronService,
executor: executor,
msgBus: msgBus,
execTool: NewExecTool(workspace, false),
execTool: NewExecTool(workspace, restrict),
}
}