npm - @seanmozeik/tripwire - Versions diffs - 0.4.0 → 0.5.0 - Mend

@seanmozeik/tripwire 0.4.0 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/src/rules/bash-deny.ts CHANGED Viewed

@@ -40,6 +40,13 @@ const SPECS: readonly Spec[] = [
     message: 'Fork bomb pattern detected. Refuse.',
     match: (_seg, raw) => /:\(\)\s*\{\s*:\s*\|\s*:\s*&\s*\}\s*;/.test(raw),
   },
+  {
+    rule: 'source-script',
+    action: 'deny',
+    message:
+      '`source` / `.` executes a file in the current shell. Refuse arbitrary sourced scripts.',
+    match: (seg) => (seg.head === 'source' || seg.head === '.') && seg.tokens.length > 1,
+  },
   {
     rule: 'dd-raw-device',
     action: 'deny',
@@ -329,18 +336,52 @@ const SPECS: readonly Spec[] = [
   },
 ];
+// Rules in this set ignore `# tripwire-allow` on the command line. They
+// Are catastrophic / irreversible operations and hard policy rules that
+// Have no legitimate prompt-line override. If the user genuinely needs
+// One of these to run, they should do it in a terminal themselves.
+const UNBYPASSABLE_RULES: ReadonlySet<string> = new Set([
+  // Catastrophic / irreversible
+  'rm-rf-root',
+  'rm-rf-home',
+  'fork-bomb',
+  'dd-raw-device',
+  'mkfs',
+  'kill-all',
+  'diskutil-destructive',
+  'tmutil-destructive',
+  // System control
+  'shutdown',
+  'csrutil',
+  'nvram',
+  'kextload',
+  'spctl-disable',
+  'xattr-quarantine-bypass',
+  'topgrade',
+  'softwareupdate-install',
+  'systemsetup',
+  'scutil-set',
+  'security-keychain-destructive',
+  // Hard policy rules
+  'no-verify',
+  'no-gpg-sign',
+]);
 const bashDeny = (segments: readonly Segment[], cmd: string): Decision => {
-  if (hasBypass(cmd)) {
-    return allow('bash-deny');
-  }
+  const bypass = hasBypass(cmd);
   for (const seg of segments) {
     for (const s of SPECS) {
-      if (s.match(seg, cmd)) {
-        return s.action === 'deny' ? deny(s.rule, s.message) : ask(s.rule, s.message);
+      if (!s.match(seg, cmd)) {
+        continue;
+      }
+      if (bypass && !UNBYPASSABLE_RULES.has(s.rule)) {
+        // Caller asserted in-turn approval; honor it for this rule.
+        continue;
       }
+      return s.action === 'deny' ? deny(s.rule, s.message) : ask(s.rule, s.message);
     }
   }
   return allow('bash-deny');
 };
-export { bashDeny };
+export { bashDeny, UNBYPASSABLE_RULES };

package/src/rules/bash-git.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { type Segment, hasBypass } from '../lib/bash';
+import { type Segment, hasBypass, unwrapStaticString } from '../lib/bash';
 import type { GitConfig } from '../lib/config';
 import { type Decision, allow, ask, deny, warn } from '../lib/decision';
@@ -111,15 +111,17 @@ const messageOf = (subArgs: readonly string[]): string | null => {
   for (let i = 0; i < subArgs.length; i++) {
     const t = subArgs[i]!;
     if (t === '-m' || t === '--message') {
-      return subArgs[i + 1] ?? null;
+      const raw = subArgs[i + 1];
+      return raw === undefined ? null : unwrapStaticString(raw);
     }
     if (t.startsWith('--message=')) {
-      return t.slice('--message='.length);
+      return unwrapStaticString(t.slice('--message='.length));
     }
     // Combined short flags like `-am`, `-ma`, `-amS` carry the message
     // In the next positional arg — same as `-m` alone.
     if (/^-[a-zA-Z]*m[a-zA-Z]*$/.test(t)) {
-      return subArgs[i + 1] ?? null;
+      const raw = subArgs[i + 1];
+      return raw === undefined ? null : unwrapStaticString(raw);
     }
   }
   return null;