mcp-rce-guard 0.1.0 → 0.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +57 -0
- package/README.md +6 -2
- package/dist/cve/replay.d.ts.map +1 -1
- package/dist/cve/replay.js +83 -0
- package/dist/cve/replay.js.map +1 -1
- package/dist/isolation/landlock.d.ts +4 -0
- package/dist/isolation/landlock.d.ts.map +1 -1
- package/dist/isolation/landlock.js +22 -1
- package/dist/isolation/landlock.js.map +1 -1
- package/dist/server.js +1 -1
- package/dist/server.js.map +1 -1
- package/dist/types.d.ts +2 -0
- package/dist/types.d.ts.map +1 -1
- package/dist/types.js +2 -1
- package/dist/types.js.map +1 -1
- package/package.json +2 -1
package/CHANGELOG.md
ADDED
|
@@ -0,0 +1,57 @@
|
|
|
1
|
+
# Changelog
|
|
2
|
+
|
|
3
|
+
All notable changes to `mcp-rce-guard` are documented here. The format follows
|
|
4
|
+
[Keep a Changelog](https://keepachangelog.com/en/1.1.0/) and the project adheres
|
|
5
|
+
to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
|
6
|
+
|
|
7
|
+
## [0.1.1] - 2026-06-21
|
|
8
|
+
|
|
9
|
+
### Security
|
|
10
|
+
|
|
11
|
+
- **New CVE-replay fixture `mcp-interpreter-eval-rce` — closes the
|
|
12
|
+
interpreter inline-eval RCE class.** Before this release, a command that
|
|
13
|
+
handed attacker-influenced source code to a language runtime via an
|
|
14
|
+
inline-eval flag (`node -e` / `node --eval` / `node -p`, `python -c`,
|
|
15
|
+
`perl -e`, `ruby -e`, `php -r`, `deno eval`, `bun -e`) was reported as
|
|
16
|
+
`overall: pass` by `scan_cve_replay`. Such commands need **no** shell
|
|
17
|
+
binary and **no** shell metacharacter, so they slipped past both the
|
|
18
|
+
`nginx-mcp-rce-9.8` (shell-binary) and `mcp-sdk-rce-2026-04-22`
|
|
19
|
+
(shell-metachar) predicates — a full arbitrary-code-execution hole in a
|
|
20
|
+
guard whose entire purpose is to close tool-injection RCE. Detection is
|
|
21
|
+
exact-token (post-NFKC) so benign launch flags such as
|
|
22
|
+
`--experimental-vm-modules`, `--enable-source-maps`,
|
|
23
|
+
`--max-old-space-size=512` and `--inspect` are **not** misclassified.
|
|
24
|
+
(`src/cve/replay.ts`, `src/types.ts`).
|
|
25
|
+
- **`mcp-sdk-rce-2026-04-22` now flags newline / carriage-return command
|
|
26
|
+
separators.** A literal `\n` / `\r` is a command separator in every POSIX
|
|
27
|
+
shell, but the metacharacter pattern set previously omitted them, so
|
|
28
|
+
`node tool.js\nrm -rf /` passed. (`src/cve/replay.ts`).
|
|
29
|
+
- **`policyAllowsExec` path-confusion fix.** The exported landlock predicate
|
|
30
|
+
used a naive `startsWith`, so a rule for `/usr/bin` also authorized
|
|
31
|
+
`execute` on sibling paths that merely share the textual prefix
|
|
32
|
+
(`/usr/binary-evil/x`, `/usr/bin-backdoor`) — paths outside the allowed
|
|
33
|
+
tree. Matching is now path-boundary aware (exact path or `/`-delimited
|
|
34
|
+
descendant). (`src/isolation/landlock.ts`).
|
|
35
|
+
|
|
36
|
+
### Added
|
|
37
|
+
|
|
38
|
+
- Attack-blocked **and** benign-allowed test coverage for every detection
|
|
39
|
+
change above (`tests/unit/cve-replay.test.ts`,
|
|
40
|
+
`tests/unit/landlock-policy.test.ts`). Suite grows 142 → 179 tests.
|
|
41
|
+
|
|
42
|
+
### Notes
|
|
43
|
+
|
|
44
|
+
- All three fixes are additive and backward compatible. Existing `cveSet`
|
|
45
|
+
arrays keep working; `BUILT_IN_FIXTURES` grows from 3 to 4. This stays in
|
|
46
|
+
the v0.1 descriptor-only line — no native enforcement is introduced (that
|
|
47
|
+
remains the v0.2 tranche). Hence a patch bump (0.1.0 → 0.1.1) rather than a
|
|
48
|
+
minor, which the README reserves semantically for the native-enforcement
|
|
49
|
+
release.
|
|
50
|
+
|
|
51
|
+
## [0.1.0] - 2026-05-13
|
|
52
|
+
|
|
53
|
+
- Initial public release. Policy-synthesis (landlock / sandbox-exec /
|
|
54
|
+
cgroups-v2 descriptors), behavioral CVE-replay predicates
|
|
55
|
+
(`mcp-sdk-rce-2026-04-22`, `cve-2026-27124`, `nginx-mcp-rce-9.8`),
|
|
56
|
+
cross-server canary tracker, network-egress allowlist, append-only NDJSON
|
|
57
|
+
audit log, NFKC + zero-width + Bidi normalization shared with Pillar 8.
|
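Review bot: The Notes entry calls all three fixes "additive and backward compatible", but the Security entries above it describe verdicts that change: commands that `scan_cve_replay` used to report as `overall: pass` now fail, and `policyAllowsExec` now rejects sibling paths such as `/usr/bin-backdoor` that it used to accept. Callers that gate on those results will see different outcomes after a patch upgrade. I would reword this to say the API surface is unchanged and state explicitly that verdicts are stricter, so integrators know to re-run their allowlisted commands against 0.1.1.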
package/README.md
CHANGED
|
@@ -1,3 +1,7 @@
|
|
|
1
|
+
<!-- studiomeyer-mcp-stack-banner:start -->
|
|
2
|
+
> **Part of the [StudioMeyer MCP Stack](https://studiomeyer.io)** — Built in Mallorca 🌴 · ⭐ if you use it
|
|
3
|
+
<!-- studiomeyer-mcp-stack-banner:end -->
|
|
4
|
+
|
|
1
5
|
# mcp-rce-guard
|
|
2
6
|
|
|
3
7
|
Policy-synthesis + behavioral CVE-replay + canary-tracking library for MCP servers. Foundation Pillar 9.
|
|
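Review bot: The banner block added at the top of the README (new lines 1-4) is unrelated to the security fixes and is not recorded in the 0.1.1 CHANGELOG entry. For a release whose stated content is three security fixes, I would ship the banner in a separate release or at least list it in the changelog, so the published diff of a security patch contains only what the changelog describes.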
@@ -10,7 +14,7 @@ Policy-synthesis + behavioral CVE-replay + canary-tracking library for MCP serve
|
|
|
10
14
|
|
|
11
15
|
Use this library if you want:
|
|
12
16
|
- A typed, validated way to describe what an MCP subprocess is allowed to read, write, spawn, and talk to.
|
|
13
|
-
- A reproducible scanner for known RCE-vulnerability classes in subprocess commands (MCP-SDK-RCE-2026-04-22, CVE-2026-27124, Nginx-MCP RCE 9.8) plus 5 shell-injection + 3 fullwidth-unicode payload patterns from the simulate_attacker_input corpus.
|
|
17
|
+
- A reproducible scanner for known RCE-vulnerability classes in subprocess commands (MCP-SDK-RCE-2026-04-22, CVE-2026-27124, Nginx-MCP RCE 9.8, interpreter inline-eval RCE) plus 5 shell-injection + 3 fullwidth-unicode payload patterns from the simulate_attacker_input corpus.
|
|
14
18
|
- An append-only NDJSON audit log of every isolation decision. Verified tamper-evident signing (Acra-pattern key derivation + rotation + integrated verifier) is on the v0.2 roadmap; v0.1 ships the log unsigned and treats signing as a v0.2 deliverable.
|
|
15
19
|
|
|
16
20
|
Do **not** use v0.1 if you need a sandbox that actually contains a hostile subprocess at the kernel boundary. For that, the v0.1 descriptor needs to be paired with an enforcement helper. v0.2 ships that helper.
|
|
@@ -19,7 +23,7 @@ Do **not** use v0.1 if you need a sandbox that actually contains a hostile subpr
|
|
|
19
23
|
|
|
20
24
|
- **Process isolation policy synthesis** — emits landlock (Linux >=5.13) policy descriptors, sandbox-exec (macOS) Scheme profiles, cgroups-v2 specs (memory.max, pids.max, cpu.max). Descriptors only; no syscalls are made.
|
|
21
25
|
- **Network egress allowlist** — default-deny policy with wildcard / exact / suffix / port:* matching. Descriptors only; no nftables / packet-filter integration.
|
|
22
|
-
- **CVE replay suite** — behavioral predicates for known MCP-server RCE vectors. Not exploit payloads — predicates that scan a target command for the vulnerable shape.
|
|
26
|
+
- **CVE replay suite** — behavioral predicates for known MCP-server RCE vectors (`mcp-sdk-rce-2026-04-22`, `cve-2026-27124`, `nginx-mcp-rce-9.8`, `mcp-interpreter-eval-rce`). Not exploit payloads — predicates that scan a target command for the vulnerable shape. The `mcp-interpreter-eval-rce` fixture (added 0.1.1) flags interpreter inline-eval sinks (`node -e`/`--eval`/`-p`, `python -c`, `perl -e`, `ruby -e`, `php -r`, `deno eval`, `bun -e`) that execute arbitrary code without a shell binary or shell metacharacter; the shell-metachar predicate also flags newline/CR command separators as of 0.1.1. Exact-token matching keeps benign launch flags (`--experimental-vm-modules`, `--max-old-space-size`, `--inspect`) out of the detection.
|
|
23
27
|
- **Cross-server canary tokens** — issue tokens, scan downstream stdout / fs-write / network-egress streams for leaks (MCPHunt arXiv 2604.27819 pattern).
|
|
24
28
|
- **NDJSON append-only audit log** — every tool call appended at `$MCP_RCE_GUARD_HOME/audit.log`. 100MB rotation with max 10 backups. v0.1 ships unsigned (no in-process verifier); v0.2 adds Acra-pattern HMAC chain with key derivation, rotation safety and an integrated verifier.
|
|
25
29
|
- **NFKC + zero-width strip + Bidi-block** normalization shared with Pillar 8 (mcp-stdio-shellguard).
|
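Review bot: The closing sentence of the CVE replay suite bullet ("Exact-token matching keeps benign launch flags ... out of the detection") overstates what `findInterpreterEval` does. For two-character flags the code also accepts any token that merely starts with the flag (`next.startsWith(flag) && next.length > 2`), so the matching is exact-or-prefix rather than exact. Suggest describing it as "exact token, `--flag=value`, or glued `-eCODE`", so readers do not assume that a later argument beginning with `-e`, `-p` or `-c` is ignored.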
package/dist/cve/replay.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"replay.d.ts","sourceRoot":"","sources":["../../src/cve/replay.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;GAmBG;AAEH,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AAGzC,MAAM,WAAW,UAAU;IACzB,EAAE,EAAE,KAAK,CAAC;IACV,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,gBAAgB,CAAC;CAC9C;AAED,MAAM,WAAW,gBAAgB;IAC/B,MAAM,EAAE,MAAM,GAAG,MAAM,CAAC;IACxB,QAAQ,EAAE,MAAM,CAAC;CAClB;
|
|
1
|
+
{"version":3,"file":"replay.d.ts","sourceRoot":"","sources":["../../src/cve/replay.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;GAmBG;AAEH,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AAGzC,MAAM,WAAW,UAAU;IACzB,EAAE,EAAE,KAAK,CAAC;IACV,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,gBAAgB,CAAC;CAC9C;AAED,MAAM,WAAW,gBAAgB;IAC/B,MAAM,EAAE,MAAM,GAAG,MAAM,CAAC;IACxB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAuKD,eAAO,MAAM,iBAAiB,EAAE,SAAS,UAAU,EAuFlD,CAAC;AAEF,wBAAgB,UAAU,CAAC,EAAE,EAAE,KAAK,GAAG,UAAU,GAAG,SAAS,CAE5D;AAED,MAAM,WAAW,YAAY;IAC3B,EAAE,EAAE,KAAK,CAAC;IACV,MAAM,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAAC;IACpC,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,YAAY;IAC3B,OAAO,EAAE,MAAM,GAAG,MAAM,CAAC;IACzB,MAAM,EAAE,YAAY,EAAE,CAAC;CACxB;AAED,wBAAgB,SAAS,CACvB,aAAa,EAAE,MAAM,EACrB,MAAM,CAAC,EAAE,KAAK,EAAE,EAChB,SAAS,SAAS,GACjB,YAAY,CAqCd"}
|
package/dist/cve/replay.js
CHANGED
|
@@ -94,6 +94,7 @@ const SHELL_METACHAR_PATTERNS = [
|
|
|
94
94
|
{ pattern: /(^|[^\\])>(?!>)/, name: "stdout redirect" },
|
|
95
95
|
{ pattern: /(^|[^\\])>>/, name: "append redirect" },
|
|
96
96
|
{ pattern: /(^|[^\\])<(?![<])/, name: "stdin redirect" },
|
|
97
|
+
{ pattern: /[\n\r]/, name: "newline/CR command separator" },
|
|
97
98
|
{ pattern: /\$\{[^}]+\}/, name: "${VAR} expansion" },
|
|
98
99
|
{ pattern: /\$[A-Za-z_][A-Za-z0-9_]*/, name: "$VAR expansion" }
|
|
99
100
|
];
|
|
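Review bot: The new `/[\n\r]/` entry matches a newline or carriage return anywhere in the string, including a single trailing one, so a benign command that arrives as `node tool.js\n` would now fail `mcp-sdk-rce-2026-04-22`. The neighbouring redirect patterns guard against a preceding backslash with `(^|[^\\])`; this one has no equivalent, and nothing in this hunk shows the input being trimmed first. Either trim trailing whitespace before running the patterns or require a non-whitespace character after the separator (for example `/[\n\r]\s*\S/`), and add a benign-allowed test for the trailing-newline case.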
@@ -113,6 +114,71 @@ function findShellInvocation(cmd) {
|
|
|
113
114
|
}
|
|
114
115
|
return null;
|
|
115
116
|
}
|
|
117
|
+
/**
|
|
118
|
+
* Language interpreters that accept attacker-controlled source code through an
|
|
119
|
+
* inline-eval flag. Spawning any of these with such a flag is an arbitrary
|
|
120
|
+
* code-execution sink that needs NO shell binary and NO shell metacharacter —
|
|
121
|
+
* so it slips past both the nginx-mcp-rce-9.8 (shell-binary) and the
|
|
122
|
+
* mcp-sdk-rce-2026-04-22 (shell-metachar) predicates. `node -e '<js>'` is the
|
|
123
|
+
* canonical example; the same shape exists for python/perl/ruby/php/deno/bun.
|
|
124
|
+
*
|
|
125
|
+
* Keyed by interpreter basename → the set of flags that take inline code.
|
|
126
|
+
* Matching is exact-token (post-split, post-NFKC), never substring, so benign
|
|
127
|
+
* flags such as `--experimental-vm-modules`, `--enable-source-maps` or
|
|
128
|
+
* `--max-old-space-size=512` are NOT mistaken for an eval flag.
|
|
129
|
+
*/
|
|
130
|
+
const INTERPRETER_EVAL_FLAGS = new Map([
|
|
131
|
+
["node", new Set(["-e", "--eval", "-p", "--print"])],
|
|
132
|
+
["nodejs", new Set(["-e", "--eval", "-p", "--print"])],
|
|
133
|
+
["deno", new Set(["eval"])],
|
|
134
|
+
["bun", new Set(["-e", "--eval"])],
|
|
135
|
+
["python", new Set(["-c"])],
|
|
136
|
+
["python2", new Set(["-c"])],
|
|
137
|
+
["python3", new Set(["-c"])],
|
|
138
|
+
["perl", new Set(["-e", "-E"])],
|
|
139
|
+
["ruby", new Set(["-e"])],
|
|
140
|
+
["php", new Set(["-r"])]
|
|
141
|
+
]);
|
|
142
|
+
/**
|
|
143
|
+
* Scan a command for an interpreter inline-eval invocation. Returns a human
|
|
144
|
+
* readable evidence string when found, else null.
|
|
145
|
+
*
|
|
146
|
+
* Heuristic: once a token whose basename is a known interpreter is seen, any
|
|
147
|
+
* following token that is (or starts with, for `--flag=value` / `-eVALUE`
|
|
148
|
+
* forms) one of that interpreter's eval flags is a hit. We scope the flag
|
|
149
|
+
* search to tokens AFTER the interpreter so an unrelated earlier `-e` cannot
|
|
150
|
+
* be blamed on a later interpreter.
|
|
151
|
+
*/
|
|
152
|
+
function findInterpreterEval(cmd) {
|
|
153
|
+
const tokens = cmd
|
|
154
|
+
.split(/[\s;|&]+/)
|
|
155
|
+
.map((t) => t.trim())
|
|
156
|
+
.filter((t) => t.length > 0);
|
|
157
|
+
for (let i = 0; i < tokens.length; i++) {
|
|
158
|
+
const token = tokens[i];
|
|
159
|
+
if (token === undefined)
|
|
160
|
+
continue;
|
|
161
|
+
const basename = token.split("/").pop() ?? token;
|
|
162
|
+
const evalFlags = INTERPRETER_EVAL_FLAGS.get(basename);
|
|
163
|
+
if (!evalFlags)
|
|
164
|
+
continue;
|
|
165
|
+
for (let j = i + 1; j < tokens.length; j++) {
|
|
166
|
+
const next = tokens[j];
|
|
167
|
+
if (next === undefined)
|
|
168
|
+
continue;
|
|
169
|
+
for (const flag of evalFlags) {
|
|
170
|
+
// Exact `-e`, long `--eval`, `--eval=...`, or glued short `-eCODE`.
|
|
171
|
+
const glued = flag.startsWith("--")
|
|
172
|
+
? next === flag || next.startsWith(`${flag}=`)
|
|
173
|
+
: next === flag || (flag.length === 2 && next.startsWith(flag) && next.length > 2);
|
|
174
|
+
if (glued) {
|
|
175
|
+
return `${basename} ${flag}`;
|
|
176
|
+
}
|
|
177
|
+
}
|
|
178
|
+
}
|
|
179
|
+
}
|
|
180
|
+
return null;
|
|
181
|
+
}
|
|
116
182
|
export const BUILT_IN_FIXTURES = [
|
|
117
183
|
{
|
|
118
184
|
id: "mcp-sdk-rce-2026-04-22",
|
|
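Review bot: In `findInterpreterEval` the inner loop (`for (let j = i + 1; j < tokens.length; j++)`) scans every token to the end of the string, and the tokenizer has already discarded `;`, `|` and `&`, so a flag that belongs to a later command or to the script's own arguments is attributed to the interpreter. `node app.js | grep -e foo` reports `node -e`, and `node server.js -port=80` reports `node -p` through the glued-prefix branch, which contradicts the doc comment's "exact-token ... never substring" and yields misleading evidence strings. Consider splitting into commands on the separators first and scanning only within the command that contains the interpreter. In the other direction, the lookup is an exact `INTERPRETER_EVAL_FLAGS.get(basename)` and the glued check requires the token to start with the flag, so versioned names (`python3.11`) and bundled short options where the eval letter is not first (`perl -ne`) are not matched; stripping a trailing version suffix from the basename and checking short-option bundles would close that.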
@@ -178,6 +244,23 @@ export const BUILT_IN_FIXTURES = [
|
|
|
178
244
|
evidence: "no shell binary invocation detected"
|
|
179
245
|
};
|
|
180
246
|
}
|
|
247
|
+
},
|
|
248
|
+
{
|
|
249
|
+
id: "mcp-interpreter-eval-rce",
|
|
250
|
+
description: "Interpreter inline-eval RCE — the spawned command hands attacker-influenced source code to a language runtime via an inline-eval flag (node -e/--eval/-p, python -c, perl -e, ruby -e, php -r, deno eval, bun -e). This is arbitrary code execution that needs NO shell binary and NO shell metacharacter, so it bypasses both the nginx-mcp-rce-9.8 and mcp-sdk-rce-2026-04-22 predicates. Predicate: no interpreter inline-eval invocation may appear anywhere in the command.",
|
|
251
|
+
predicate: (cmd) => {
|
|
252
|
+
const found = findInterpreterEval(cmd);
|
|
253
|
+
if (found !== null) {
|
|
254
|
+
return {
|
|
255
|
+
status: "fail",
|
|
256
|
+
evidence: `command invokes interpreter inline-eval "${found}" — arbitrary-code-execution sink`
|
|
257
|
+
};
|
|
258
|
+
}
|
|
259
|
+
return {
|
|
260
|
+
status: "pass",
|
|
261
|
+
evidence: "no interpreter inline-eval invocation detected"
|
|
262
|
+
};
|
|
263
|
+
}
|
|
181
264
|
}
|
|
182
265
|
];
|
|
183
266
|
export function getFixture(id) {
|
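Review bot: The `description` string of the new `mcp-interpreter-eval-rce` fixture hard-codes the flag list again and already differs from `INTERPRETER_EVAL_FLAGS` (no `--print`, no `perl -E`, no `nodejs` or `python3` aliases). Build the list from the map, or shorten the description to name the class and point at the table, so the two cannot drift. The evidence string also reports only `${basename} ${flag}`; including the matched token would make a false positive much easier to triage from the audit log.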
package/dist/cve/replay.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"replay.js","sourceRoot":"","sources":["../../src/cve/replay.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;GAmBG;AAGH,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAa/C;;;;;;;;;GASG;AACH,MAAM,aAAa,GAAwB,IAAI,GAAG,CAAC;IACjD,MAAM;IACN,MAAM;IACN,UAAU;IACV,SAAS;IACT,OAAO;IACP,MAAM;IACN,MAAM;IACN,QAAQ;IACR,UAAU;IACV,IAAI;IACJ,MAAM;IACN,QAAQ;IACR,MAAM;IACN,KAAK;IACL,KAAK;IACL,QAAQ;IACR,UAAU;IACV,SAAS;IACT,QAAQ;IACR,OAAO;IACP,UAAU;IACV,OAAO;IACP,IAAI;CACL,CAAC,CAAC;AAEH;;;;;;GAMG;AACH,MAAM,cAAc,GAAsB;IACxC,IAAI;IACJ,MAAM;IACN,KAAK;IACL,MAAM;IACN,KAAK;IACL,KAAK;IACL,MAAM;IACN,MAAM;IACN,KAAK;IACL,SAAS;CACV,CAAC;AAEF;;;;;;;;GAQG;AACH,MAAM,uBAAuB,GAAiD;IAC5E,EAAE,OAAO,EAAE,SAAS,EAAE,IAAI,EAAE,+BAA+B,EAAE;IAC7D,EAAE,OAAO,EAAE,aAAa,EAAE,IAAI,EAAE,6BAA6B,EAAE;IAC/D,EAAE,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,4BAA4B,EAAE;IACtD,EAAE,OAAO,EAAE,cAAc,EAAE,IAAI,EAAE,qBAAqB,EAAE;IACxD,EAAE,OAAO,EAAE,oBAAoB,EAAE,IAAI,EAAE,gBAAgB,EAAE;IACzD,EAAE,OAAO,EAAE,kBAAkB,EAAE,IAAI,EAAE,gCAAgC,EAAE;IACvE,EAAE,OAAO,EAAE,aAAa,EAAE,IAAI,EAAE,sBAAsB,EAAE;IACxD,EAAE,OAAO,EAAE,eAAe,EAAE,IAAI,EAAE,qBAAqB,EAAE;IACzD,EAAE,OAAO,EAAE,iBAAiB,EAAE,IAAI,EAAE,iBAAiB,EAAE;IACvD,EAAE,OAAO,EAAE,aAAa,EAAE,IAAI,EAAE,iBAAiB,EAAE;IACnD,EAAE,OAAO,EAAE,mBAAmB,EAAE,IAAI,EAAE,gBAAgB,EAAE;IACxD,EAAE,OAAO,EAAE,aAAa,EAAE,IAAI,EAAE,kBAAkB,EAAE;IACpD,EAAE,OAAO,EAAE,0BAA0B,EAAE,IAAI,EAAE,gBAAgB,EAAE;CAChE,CAAC;AAEF,SAAS,mBAAmB,CAAC,GAAW;IACtC,oEAAoE;IACpE,mEAAmE;IACnE,MAAM,MAAM,GAAG,GAAG;SACf,KAAK,CAAC,UAAU,CAAC;SACjB,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;SACpB,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IAC/B,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,2DAA2D;QAC3D,MAAM,QAAQ,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,IAAI,KAAK,CAAC;QACjD,IAAI,cAAc,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;YACtC,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,CAAC,MAAM,iBAAiB,GAA0B;IACtD;QACE,EAAE,EAAE,wBAAwB;QAC5B,WAAW,EACT,4PAA4P;QAC9P,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE
;YACjB,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,uBAAuB,EAAE,CAAC;gBACxD,IAAI,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;oBACtB,OAAO;wBACL,MAAM,EAAE,MAAM;wBACd,QAAQ,EAAE,oBAAoB,IAAI,KAAK,GAAG,2BAA2B;qBACtE,CAAC;gBACJ,CAAC;YACH,CAAC;YACD,OAAO;gBACL,MAAM,EAAE,MAAM;gBACd,QAAQ,EAAE,wDAAwD;aACnE,CAAC;QACJ,CAAC;KACF;IACD;QACE,EAAE,EAAE,gBAAgB;QACpB,WAAW,EACT,qNAAqN;QACvN,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE;YACjB,8CAA8C;YAC9C,MAAM,QAAQ,GAAG,sCAAsC,CAAC;YACxD,MAAM,MAAM,GAAG,+BAA+B,CAAC;YAC/C,MAAM,OAAO,GAAa,EAAE,CAAC;YAC7B,KAAK,MAAM,EAAE,IAAI,CAAC,QAAQ,EAAE,MAAM,CAAC,EAAE,CAAC;gBACpC,IAAI,CAAyB,CAAC;gBAC9B,OAAO,CAAC,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;oBACnC,MAAM,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;oBAClB,IAAI,IAAI,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;wBACrC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;oBACrB,CAAC;gBACH,CAAC;YACH,CAAC;YACD,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACvB,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACrD,OAAO;oBACL,MAAM,EAAE,MAAM;oBACd,QAAQ,EAAE,8CAA8C,IAAI,oCAAoC;iBACjG,CAAC;YACJ,CAAC;YACD,OAAO;gBACL,MAAM,EAAE,MAAM;gBACd,QAAQ,EAAE,iDAAiD;aAC5D,CAAC;QACJ,CAAC;KACF;IACD;QACE,EAAE,EAAE,mBAAmB;QACvB,WAAW,EACT,wUAAwU;QAC1U,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE;YACjB,MAAM,KAAK,GAAG,mBAAmB,CAAC,GAAG,CAAC,CAAC;YACvC,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;gBACnB,OAAO;oBACL,MAAM,EAAE,MAAM;oBACd,QAAQ,EAAE,iCAAiC,KAAK,sBAAsB;iBACvE,CAAC;YACJ,CAAC;YACD,OAAO;gBACL,MAAM,EAAE,MAAM;gBACd,QAAQ,EAAE,qCAAqC;aAChD,CAAC;QACJ,CAAC;KACF;CACF,CAAC;AAEF,MAAM,UAAU,UAAU,CAAC,EAAS;IAClC,OAAO,iBAAiB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC;AACpD,CAAC;AAcD,MAAM,UAAU,SAAS,CACvB,aAAqB,EACrB,MAAgB,EAChB,SAAS,GAAG,MAAM;IAElB,4EAA4E;IAC5E,kEAAkE;IAClE,mEAAmE;IACnE,wEAAwE;IACxE,4EAA4E;IAC5E,uEAAuE;IACvE,iFAAiF;IACjF,4DAA4D;IAC5D,MAAM,iBAAiB,GAAG,YAAY,CAAC,aAAa,CAAC,CAAC;IAEtD,MAAM,GAAG,GAAG,MAAM,IAAI,iBAAiB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;IACzD,MAAM,MAAM,GAAmB
,EAAE,CAAC;IAClC,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAE5B,KAAK,MAAM,EAAE,IAAI,GAAG,EAAE,CAAC;QACrB,MAAM,OAAO,GAAG,UAAU,CAAC,EAAE,CAAC,CAAC;QAC/B,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,CAAC,EAAE,QAAQ,EAAE,oBAAoB,EAAE,CAAC,CAAC;YACtF,SAAS;QACX,CAAC;QACD,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,QAAQ,GAAG,SAAS,EAAE,CAAC;YACtC,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,CAAC,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC,CAAC;YAC3E,SAAS;QACX,CAAC;QACD,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACzB,MAAM,MAAM,GAAG,OAAO,CAAC,SAAS,CAAC,iBAAiB,CAAC,CAAC;QACpD,MAAM,CAAC,IAAI,CAAC;YACV,EAAE;YACF,MAAM,EAAE,MAAM,CAAC,MAAM;YACrB,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK;YAC9B,QAAQ,EAAE,MAAM,CAAC,QAAQ;SAC1B,CAAC,CAAC;IACL,CAAC;IAED,MAAM,OAAO,GAAoB,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC;IAC5F,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC;AAC7B,CAAC"}
|
|
1
|
+
{"version":3,"file":"replay.js","sourceRoot":"","sources":["../../src/cve/replay.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;GAmBG;AAGH,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAa/C;;;;;;;;;GASG;AACH,MAAM,aAAa,GAAwB,IAAI,GAAG,CAAC;IACjD,MAAM;IACN,MAAM;IACN,UAAU;IACV,SAAS;IACT,OAAO;IACP,MAAM;IACN,MAAM;IACN,QAAQ;IACR,UAAU;IACV,IAAI;IACJ,MAAM;IACN,QAAQ;IACR,MAAM;IACN,KAAK;IACL,KAAK;IACL,QAAQ;IACR,UAAU;IACV,SAAS;IACT,QAAQ;IACR,OAAO;IACP,UAAU;IACV,OAAO;IACP,IAAI;CACL,CAAC,CAAC;AAEH;;;;;;GAMG;AACH,MAAM,cAAc,GAAsB;IACxC,IAAI;IACJ,MAAM;IACN,KAAK;IACL,MAAM;IACN,KAAK;IACL,KAAK;IACL,MAAM;IACN,MAAM;IACN,KAAK;IACL,SAAS;CACV,CAAC;AAEF;;;;;;;;GAQG;AACH,MAAM,uBAAuB,GAAiD;IAC5E,EAAE,OAAO,EAAE,SAAS,EAAE,IAAI,EAAE,+BAA+B,EAAE;IAC7D,EAAE,OAAO,EAAE,aAAa,EAAE,IAAI,EAAE,6BAA6B,EAAE;IAC/D,EAAE,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,4BAA4B,EAAE;IACtD,EAAE,OAAO,EAAE,cAAc,EAAE,IAAI,EAAE,qBAAqB,EAAE;IACxD,EAAE,OAAO,EAAE,oBAAoB,EAAE,IAAI,EAAE,gBAAgB,EAAE;IACzD,EAAE,OAAO,EAAE,kBAAkB,EAAE,IAAI,EAAE,gCAAgC,EAAE;IACvE,EAAE,OAAO,EAAE,aAAa,EAAE,IAAI,EAAE,sBAAsB,EAAE;IACxD,EAAE,OAAO,EAAE,eAAe,EAAE,IAAI,EAAE,qBAAqB,EAAE;IACzD,EAAE,OAAO,EAAE,iBAAiB,EAAE,IAAI,EAAE,iBAAiB,EAAE;IACvD,EAAE,OAAO,EAAE,aAAa,EAAE,IAAI,EAAE,iBAAiB,EAAE;IACnD,EAAE,OAAO,EAAE,mBAAmB,EAAE,IAAI,EAAE,gBAAgB,EAAE;IACxD,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,8BAA8B,EAAE;IAC3D,EAAE,OAAO,EAAE,aAAa,EAAE,IAAI,EAAE,kBAAkB,EAAE;IACpD,EAAE,OAAO,EAAE,0BAA0B,EAAE,IAAI,EAAE,gBAAgB,EAAE;CAChE,CAAC;AAEF,SAAS,mBAAmB,CAAC,GAAW;IACtC,oEAAoE;IACpE,mEAAmE;IACnE,MAAM,MAAM,GAAG,GAAG;SACf,KAAK,CAAC,UAAU,CAAC;SACjB,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;SACpB,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IAC/B,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,2DAA2D;QAC3D,MAAM,QAAQ,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,IAAI,KAAK,CAAC;QACjD,IAAI,cAAc,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;YACtC,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;;;;;;;;GAYG;AACH,MAAM,sBAAsB,GAA6C,IAAI,GAAG,CAAC;IAC/E,C
AAC,MAAM,EAAE,IAAI,GAAG,CAAC,CAAC,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC,CAAC;IACpD,CAAC,QAAQ,EAAE,IAAI,GAAG,CAAC,CAAC,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC,CAAC;IACtD,CAAC,MAAM,EAAE,IAAI,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC;IAC3B,CAAC,KAAK,EAAE,IAAI,GAAG,CAAC,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC,CAAC;IAClC,CAAC,QAAQ,EAAE,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;IAC3B,CAAC,SAAS,EAAE,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;IAC5B,CAAC,SAAS,EAAE,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;IAC5B,CAAC,MAAM,EAAE,IAAI,GAAG,CAAC,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC;IAC/B,CAAC,MAAM,EAAE,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;IACzB,CAAC,KAAK,EAAE,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;CACzB,CAAC,CAAC;AAEH;;;;;;;;;GASG;AACH,SAAS,mBAAmB,CAAC,GAAW;IACtC,MAAM,MAAM,GAAG,GAAG;SACf,KAAK,CAAC,UAAU,CAAC;SACjB,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;SACpB,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IAE/B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACvC,MAAM,KAAK,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;QACxB,IAAI,KAAK,KAAK,SAAS;YAAE,SAAS;QAClC,MAAM,QAAQ,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,IAAI,KAAK,CAAC;QACjD,MAAM,SAAS,GAAG,sBAAsB,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACvD,IAAI,CAAC,SAAS;YAAE,SAAS;QAEzB,KAAK,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YAC3C,MAAM,IAAI,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;YACvB,IAAI,IAAI,KAAK,SAAS;gBAAE,SAAS;YACjC,KAAK,MAAM,IAAI,IAAI,SAAS,EAAE,CAAC;gBAC7B,oEAAoE;gBACpE,MAAM,KAAK,GAAG,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC;oBACjC,CAAC,CAAC,IAAI,KAAK,IAAI,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,IAAI,GAAG,CAAC;oBAC9C,CAAC,CAAC,IAAI,KAAK,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;gBACrF,IAAI,KAAK,EAAE,CAAC;oBACV,OAAO,GAAG,QAAQ,IAAI,IAAI,EAAE,CAAC;gBAC/B,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,CAAC,MAAM,iBAAiB,GAA0B;IACtD;QACE,EAAE,EAAE,wBAAwB;QAC5B,WAAW,EACT,4PA
A4P;QAC9P,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE;YACjB,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,uBAAuB,EAAE,CAAC;gBACxD,IAAI,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;oBACtB,OAAO;wBACL,MAAM,EAAE,MAAM;wBACd,QAAQ,EAAE,oBAAoB,IAAI,KAAK,GAAG,2BAA2B;qBACtE,CAAC;gBACJ,CAAC;YACH,CAAC;YACD,OAAO;gBACL,MAAM,EAAE,MAAM;gBACd,QAAQ,EAAE,wDAAwD;aACnE,CAAC;QACJ,CAAC;KACF;IACD;QACE,EAAE,EAAE,gBAAgB;QACpB,WAAW,EACT,qNAAqN;QACvN,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE;YACjB,8CAA8C;YAC9C,MAAM,QAAQ,GAAG,sCAAsC,CAAC;YACxD,MAAM,MAAM,GAAG,+BAA+B,CAAC;YAC/C,MAAM,OAAO,GAAa,EAAE,CAAC;YAC7B,KAAK,MAAM,EAAE,IAAI,CAAC,QAAQ,EAAE,MAAM,CAAC,EAAE,CAAC;gBACpC,IAAI,CAAyB,CAAC;gBAC9B,OAAO,CAAC,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;oBACnC,MAAM,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;oBAClB,IAAI,IAAI,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;wBACrC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;oBACrB,CAAC;gBACH,CAAC;YACH,CAAC;YACD,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACvB,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACrD,OAAO;oBACL,MAAM,EAAE,MAAM;oBACd,QAAQ,EAAE,8CAA8C,IAAI,oCAAoC;iBACjG,CAAC;YACJ,CAAC;YACD,OAAO;gBACL,MAAM,EAAE,MAAM;gBACd,QAAQ,EAAE,iDAAiD;aAC5D,CAAC;QACJ,CAAC;KACF;IACD;QACE,EAAE,EAAE,mBAAmB;QACvB,WAAW,EACT,wUAAwU;QAC1U,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE;YACjB,MAAM,KAAK,GAAG,mBAAmB,CAAC,GAAG,CAAC,CAAC;YACvC,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;gBACnB,OAAO;oBACL,MAAM,EAAE,MAAM;oBACd,QAAQ,EAAE,iCAAiC,KAAK,sBAAsB;iBACvE,CAAC;YACJ,CAAC;YACD,OAAO;gBACL,MAAM,EAAE,MAAM;gBACd,QAAQ,EAAE,qCAAqC;aAChD,CAAC;QACJ,CAAC;KACF;IACD;QACE,EAAE,EAAE,0BAA0B;QAC9B,WAAW,EACT,kdAAkd;QACpd,SAAS,EAAE,CAAC,GAAG,EAAE,EAAE;YACjB,MAAM,KAAK,GAAG,mBAAmB,CAAC,GAAG,CAAC,CAAC;YACvC,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;gBACnB,OAAO;oBACL,MAAM,EAAE,MAAM;oBACd,QAAQ,EAAE,4CAA4C,KAAK,mCAAmC;iBAC/F,CAAC;YACJ,CAAC;YACD,OAAO;gBACL,MAAM,EAAE,MAAM;gBACd,QAAQ,EAAE,gDAAgD;aAC3D,CAAC;QACJ,CAAC;KACF;CACF,CAAC;AAEF,MAAM,UAAU,UAAU,CAAC,EAAS;IAClC,OAAO,iBAAiB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAA
C,EAAE,KAAK,EAAE,CAAC,CAAC;AACpD,CAAC;AAcD,MAAM,UAAU,SAAS,CACvB,aAAqB,EACrB,MAAgB,EAChB,SAAS,GAAG,MAAM;IAElB,4EAA4E;IAC5E,kEAAkE;IAClE,mEAAmE;IACnE,wEAAwE;IACxE,4EAA4E;IAC5E,uEAAuE;IACvE,iFAAiF;IACjF,4DAA4D;IAC5D,MAAM,iBAAiB,GAAG,YAAY,CAAC,aAAa,CAAC,CAAC;IAEtD,MAAM,GAAG,GAAG,MAAM,IAAI,iBAAiB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;IACzD,MAAM,MAAM,GAAmB,EAAE,CAAC;IAClC,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAE5B,KAAK,MAAM,EAAE,IAAI,GAAG,EAAE,CAAC;QACrB,MAAM,OAAO,GAAG,UAAU,CAAC,EAAE,CAAC,CAAC;QAC/B,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,CAAC,EAAE,QAAQ,EAAE,oBAAoB,EAAE,CAAC,CAAC;YACtF,SAAS;QACX,CAAC;QACD,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,QAAQ,GAAG,SAAS,EAAE,CAAC;YACtC,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,CAAC,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC,CAAC;YAC3E,SAAS;QACX,CAAC;QACD,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACzB,MAAM,MAAM,GAAG,OAAO,CAAC,SAAS,CAAC,iBAAiB,CAAC,CAAC;QACpD,MAAM,CAAC,IAAI,CAAC;YACV,EAAE;YACF,MAAM,EAAE,MAAM,CAAC,MAAM;YACrB,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK;YAC9B,QAAQ,EAAE,MAAM,CAAC,QAAQ;SAC1B,CAAC,CAAC;IACL,CAAC;IAED,MAAM,OAAO,GAAoB,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC;IAC5F,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC;AAC7B,CAAC"}
|
|
@@ -37,6 +37,10 @@ export declare function buildLandlockPolicy(profile: IsolationProfile): Landlock
|
|
|
37
37
|
/**
|
|
38
38
|
* Validate that a path appears in the policy. Used by audit_subprocess to
|
|
39
39
|
* detect when the requested binary lives outside the read-only roots.
|
|
40
|
+
*
|
|
41
|
+
* Matching is path-boundary aware (see `isPathWithin`) so a sibling directory
|
|
42
|
+
* that merely shares a textual prefix with an allowed root cannot inherit its
|
|
43
|
+
* execute grant.
|
|
40
44
|
*/
|
|
41
45
|
export declare function policyAllowsExec(policy: LandlockPolicyDescriptor, binaryPath: string): boolean;
|
|
42
46
|
//# sourceMappingURL=landlock.d.ts.map
|
|
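Review bot: The added doc comment on `policyAllowsExec` says "see `isPathWithin`", but this declaration file does not declare `isPathWithin` (it is a non-exported function in `landlock.js`), so consumers reading the typings have nothing to follow. State the rule inline instead, for example "matches the rule path exactly or a `/`-delimited descendant of it", which is the wording the CHANGELOG already uses.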
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"landlock.d.ts","sourceRoot":"","sources":["../../src/isolation/landlock.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAEpD,MAAM,WAAW,wBAAwB;IACvC,OAAO,EAAE,CAAC,CAAC;IACX,OAAO,EAAE;QACP,eAAe,EAAE,MAAM,EAAE,CAAC;QAC1B,KAAK,EAAE,KAAK,CAAC;YACX,IAAI,EAAE,MAAM,CAAC;YACb,MAAM,EAAE,CAAC,MAAM,GAAG,SAAS,GAAG,OAAO,CAAC,EAAE,CAAC;SAC1C,CAAC,CAAC;KACJ,CAAC;CACH;AAED;;;;;;GAMG;AACH,wBAAgB,mBAAmB,CAAC,OAAO,EAAE,gBAAgB,GAAG,wBAAwB,CA+BvF;
|
|
1
|
+
{"version":3,"file":"landlock.d.ts","sourceRoot":"","sources":["../../src/isolation/landlock.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAEpD,MAAM,WAAW,wBAAwB;IACvC,OAAO,EAAE,CAAC,CAAC;IACX,OAAO,EAAE;QACP,eAAe,EAAE,MAAM,EAAE,CAAC;QAC1B,KAAK,EAAE,KAAK,CAAC;YACX,IAAI,EAAE,MAAM,CAAC;YACb,MAAM,EAAE,CAAC,MAAM,GAAG,SAAS,GAAG,OAAO,CAAC,EAAE,CAAC;SAC1C,CAAC,CAAC;KACJ,CAAC;CACH;AAED;;;;;;GAMG;AACH,wBAAgB,mBAAmB,CAAC,OAAO,EAAE,gBAAgB,GAAG,wBAAwB,CA+BvF;AAoBD;;;;;;;GAOG;AACH,wBAAgB,gBAAgB,CAC9B,MAAM,EAAE,wBAAwB,EAChC,UAAU,EAAE,MAAM,GACjB,OAAO,CAOT"}
|
|
@@ -52,13 +52,34 @@ export function buildLandlockPolicy(profile) {
|
|
|
52
52
|
}
|
|
53
53
|
};
|
|
54
54
|
}
|
|
55
|
+
/**
|
|
56
|
+
* Test whether `binaryPath` lies inside `rulePath` as a true path-tree
|
|
57
|
+
* descendant (or is the rule path itself). A naive `startsWith` is unsafe
|
|
58
|
+
* here: a rule for `/usr/bin` would then also authorize `/usr/binary-evil/x`
|
|
59
|
+
* or `/usr/bin-backdoor`, which share the textual prefix but are NOT inside
|
|
60
|
+
* the allowed root — a path-confusion authorization bypass. We require the
|
|
61
|
+
* match to end exactly at the rule path or at a `/` boundary.
|
|
62
|
+
*/
|
|
63
|
+
function isPathWithin(binaryPath, rulePath) {
|
|
64
|
+
if (binaryPath === rulePath) {
|
|
65
|
+
return true;
|
|
66
|
+
}
|
|
67
|
+
// Normalize a single trailing slash on the rule so `/usr/bin` and
|
|
68
|
+
// `/usr/bin/` behave identically, then require the next char to be `/`.
|
|
69
|
+
const base = rulePath.endsWith("/") ? rulePath.slice(0, -1) : rulePath;
|
|
70
|
+
return binaryPath.startsWith(`${base}/`);
|
|
71
|
+
}
|
|
55
72
|
/**
|
|
56
73
|
* Validate that a path appears in the policy. Used by audit_subprocess to
|
|
57
74
|
* detect when the requested binary lives outside the read-only roots.
|
|
75
|
+
*
|
|
76
|
+
* Matching is path-boundary aware (see `isPathWithin`) so a sibling directory
|
|
77
|
+
* that merely shares a textual prefix with an allowed root cannot inherit its
|
|
78
|
+
* execute grant.
|
|
58
79
|
*/
|
|
59
80
|
export function policyAllowsExec(policy, binaryPath) {
|
|
60
81
|
for (const rule of policy.ruleset.rules) {
|
|
61
|
-
if (binaryPath
|
|
82
|
+
if (isPathWithin(binaryPath, rule.path) && rule.access.includes("execute")) {
|
|
62
83
|
return true;
|
|
63
84
|
}
|
|
64
85
|
}
|
|
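Review bot: `isPathWithin` compares the raw strings, so the final `startsWith` boundary check is still satisfied by a path that leaves the tree through `..` segments: `/usr/bin/../../tmp/x` begins with `/usr/bin/` and would be granted `execute` under a `/usr/bin` rule. Unless every caller normalizes first, which this hunk does not show, normalize both arguments before comparing (collapse `.`, `..` and duplicate slashes, for example with `path.posix.normalize`) and reject relative paths. Note also that only a single trailing slash is stripped from the rule, so a rule written as `/usr/bin//` will not match `/usr/bin/x`.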
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"landlock.js","sourceRoot":"","sources":["../../src/isolation/landlock.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAeH;;;;;;GAMG;AACH,MAAM,UAAU,mBAAmB,CAAC,OAAyB;IAC3D,MAAM,KAAK,GAAiD,EAAE,CAAC;IAE/D,KAAK,MAAM,IAAI,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;QACtC,KAAK,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC,MAAM,EAAE,SAAS,CAAC,EAAE,CAAC,CAAC;IACpD,CAAC;IACD,KAAK,MAAM,IAAI,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;QACtC,KAAK,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC,MAAM,EAAE,SAAS,EAAE,OAAO,CAAC,EAAE,CAAC,CAAC;IAC7D,CAAC;IAED,OAAO;QACL,OAAO,EAAE,CAAC;QACV,OAAO,EAAE;YACP,eAAe,EAAE;gBACf,SAAS;gBACT,YAAY;gBACZ,WAAW;gBACX,UAAU;gBACV,YAAY;gBACZ,aAAa;gBACb,WAAW;gBACX,UAAU;gBACV,UAAU;gBACV,WAAW;gBACX,WAAW;gBACX,YAAY;gBACZ,UAAU;aACX;YACD,KAAK;SACN;KACF,CAAC;AACJ,CAAC;AAED
|
|
1
|
+
{"version":3,"file":"landlock.js","sourceRoot":"","sources":["../../src/isolation/landlock.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAeH;;;;;;GAMG;AACH,MAAM,UAAU,mBAAmB,CAAC,OAAyB;IAC3D,MAAM,KAAK,GAAiD,EAAE,CAAC;IAE/D,KAAK,MAAM,IAAI,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;QACtC,KAAK,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC,MAAM,EAAE,SAAS,CAAC,EAAE,CAAC,CAAC;IACpD,CAAC;IACD,KAAK,MAAM,IAAI,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;QACtC,KAAK,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC,MAAM,EAAE,SAAS,EAAE,OAAO,CAAC,EAAE,CAAC,CAAC;IAC7D,CAAC;IAED,OAAO;QACL,OAAO,EAAE,CAAC;QACV,OAAO,EAAE;YACP,eAAe,EAAE;gBACf,SAAS;gBACT,YAAY;gBACZ,WAAW;gBACX,UAAU;gBACV,YAAY;gBACZ,aAAa;gBACb,WAAW;gBACX,UAAU;gBACV,UAAU;gBACV,WAAW;gBACX,WAAW;gBACX,YAAY;gBACZ,UAAU;aACX;YACD,KAAK;SACN;KACF,CAAC;AACJ,CAAC;AAED;;;;;;;GAOG;AACH,SAAS,YAAY,CAAC,UAAkB,EAAE,QAAgB;IACxD,IAAI,UAAU,KAAK,QAAQ,EAAE,CAAC;QAC5B,OAAO,IAAI,CAAC;IACd,CAAC;IACD,kEAAkE;IAClE,wEAAwE;IACxE,MAAM,IAAI,GAAG,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC;IACvE,OAAO,UAAU,CAAC,UAAU,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC;AAC3C,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,gBAAgB,CAC9B,MAAgC,EAChC,UAAkB;IAElB,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACxC,IAAI,YAAY,CAAC,UAAU,EAAE,IAAI,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;YAC3E,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC"}
|
package/dist/server.js
CHANGED
|
@@ -71,7 +71,7 @@ export function createServer() {
|
|
|
71
71
|
}, async (args) => safe(() => auditSubprocessTool(args)));
|
|
72
72
|
server.registerTool("scan_cve_replay", {
|
|
73
73
|
title: "Run CVE replay fixtures",
|
|
74
|
-
description: "Replay 2026 MCP CVE fixtures (mcp-sdk-rce-2026-04-22, cve-2026-27124, nginx-mcp-rce-9.8) against a candidate command. Returns overall + per-CVE pass/fail.",
|
|
74
|
+
description: "Replay 2026 MCP CVE fixtures (mcp-sdk-rce-2026-04-22, cve-2026-27124, nginx-mcp-rce-9.8, mcp-interpreter-eval-rce) against a candidate command. Returns overall + per-CVE pass/fail.",
|
|
75
75
|
inputSchema: ScanCveReplayArgsSchema.shape,
|
|
76
76
|
annotations: {
|
|
77
77
|
readOnlyHint: true,
|
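Review bot: The `description` string on new line 74 hard-codes the fixture ids, so it has to be edited by hand in step with `CveIdSchema` every time a fixture is added. Build the list from the schema's members (for example `CveIdSchema.options.join(", ")`) so the tool description an MCP client sees cannot fall behind the enum. The wording also no longer fits the new entry: `mcp-interpreter-eval-rce` names a vulnerability class, not a CVE, yet the text still says "2026 MCP CVE fixtures" and "per-CVE pass/fail"; "per-fixture" would be accurate.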
package/dist/server.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"server.js","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AACpE,OAAO,EAAE,oBAAoB,EAAE,MAAM,2CAA2C,CAAC;AAEjF,OAAO,EACL,4BAA4B,EAC5B,yBAAyB,EACzB,uBAAuB,EACvB,qBAAqB,EACrB,4BAA4B,EAC5B,qBAAqB,EACtB,MAAM,YAAY,CAAC;AACpB,OAAO,EAAE,sBAAsB,EAAE,MAAM,qBAAqB,CAAC;AAC7D,OAAO,EAAE,mBAAmB,EAAE,MAAM,kBAAkB,CAAC;AACvD,OAAO,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAC;AACvD,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AACzD,OAAO,EAAE,sBAAsB,EAAE,MAAM,yBAAyB,CAAC;AACjE,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AACzD,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AAQ7C,SAAS,EAAE,CAAC,MAAe;IACzB,OAAO;QACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC;KACnE,CAAC;AACJ,CAAC;AAED,SAAS,GAAG,CAAC,OAAe;IAC1B,OAAO;QACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;QAC1C,OAAO,EAAE,IAAI;KACd,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,IAAI,CAAI,EAAoB;IACzC,IAAI,CAAC;QACH,OAAO,EAAE,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IACxB,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,MAAM,GAAG,GAAG,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QACvD,OAAO,GAAG,CAAC,wBAAwB,GAAG,EAAE,CAAC,CAAC;IAC5C,CAAC;AACH,CAAC;AAED,MAAM,UAAU,YAAY;IAC1B,MAAM,MAAM,GAAG,IAAI,SAAS,CAC1B,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,EAChC;QACE,YAAY,EAAE;YACZ,KAAK,EAAE,EAAE;SACV;QACD,YAAY,EACV,ooBAAooB;KACvoB,CACF,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,qBAAqB,EACrB;QACE,KAAK,EAAE,yCAAyC;QAChD,WAAW,EACT,0VAA0V;QAC5V,WAAW,EAAE,4BAA4B,CAAC,KAAK;QAC/C,WAAW,EAAE;YACX,YAAY,EAAE,IAAI;YAClB,eAAe,EAAE,KAAK;YACtB,cAAc,EAAE,KAAK;YACrB,aAAa,EAAE,KAAK;SACrB;KACF,EACD,KAAK,EAAE,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,sBAAsB,CAAC,IAAI,CAAC,CAAC,CACzD,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,kBAAkB,EAClB;QACE,KAAK,EAAE,4BAA4B;QACnC,WAAW,EACT,+JAA+J;QACjK,WAAW,EAAE,yBAAyB,CAAC,KAAK;QAC5C,WAAW,EAAE;YACX,YAAY,EAAE,IAAI;YAClB,eAAe,EAAE,KAAK;YACtB,cAAc,EAAE,IAAI;YACpB,aAAa,EAAE,KAAK;SACrB;KACF,EAC
D,KAAK,EAAE,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC,CACtD,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,iBAAiB,EACjB;QACE,KAAK,EAAE,yBAAyB;QAChC,WAAW,EACT,
|
|
1
|
+
{"version":3,"file":"server.js","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AACpE,OAAO,EAAE,oBAAoB,EAAE,MAAM,2CAA2C,CAAC;AAEjF,OAAO,EACL,4BAA4B,EAC5B,yBAAyB,EACzB,uBAAuB,EACvB,qBAAqB,EACrB,4BAA4B,EAC5B,qBAAqB,EACtB,MAAM,YAAY,CAAC;AACpB,OAAO,EAAE,sBAAsB,EAAE,MAAM,qBAAqB,CAAC;AAC7D,OAAO,EAAE,mBAAmB,EAAE,MAAM,kBAAkB,CAAC;AACvD,OAAO,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAC;AACvD,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AACzD,OAAO,EAAE,sBAAsB,EAAE,MAAM,yBAAyB,CAAC;AACjE,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AACzD,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AAQ7C,SAAS,EAAE,CAAC,MAAe;IACzB,OAAO;QACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC;KACnE,CAAC;AACJ,CAAC;AAED,SAAS,GAAG,CAAC,OAAe;IAC1B,OAAO;QACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;QAC1C,OAAO,EAAE,IAAI;KACd,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,IAAI,CAAI,EAAoB;IACzC,IAAI,CAAC;QACH,OAAO,EAAE,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IACxB,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,MAAM,GAAG,GAAG,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QACvD,OAAO,GAAG,CAAC,wBAAwB,GAAG,EAAE,CAAC,CAAC;IAC5C,CAAC;AACH,CAAC;AAED,MAAM,UAAU,YAAY;IAC1B,MAAM,MAAM,GAAG,IAAI,SAAS,CAC1B,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,EAChC;QACE,YAAY,EAAE;YACZ,KAAK,EAAE,EAAE;SACV;QACD,YAAY,EACV,ooBAAooB;KACvoB,CACF,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,qBAAqB,EACrB;QACE,KAAK,EAAE,yCAAyC;QAChD,WAAW,EACT,0VAA0V;QAC5V,WAAW,EAAE,4BAA4B,CAAC,KAAK;QAC/C,WAAW,EAAE;YACX,YAAY,EAAE,IAAI;YAClB,eAAe,EAAE,KAAK;YACtB,cAAc,EAAE,KAAK;YACrB,aAAa,EAAE,KAAK;SACrB;KACF,EACD,KAAK,EAAE,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,sBAAsB,CAAC,IAAI,CAAC,CAAC,CACzD,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,kBAAkB,EAClB;QACE,KAAK,EAAE,4BAA4B;QACnC,WAAW,EACT,+JAA+J;QACjK,WAAW,EAAE,yBAAyB,CAAC,KAAK;QAC5C,WAAW,EAAE;YACX,YAAY,EAAE,IAAI;YAClB,eAAe,EAAE,KAAK;YACtB,cAAc,EAAE,IAAI;YACpB,aAAa,EAAE,KAAK;SACrB;KACF,EAC
D,KAAK,EAAE,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC,CACtD,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,iBAAiB,EACjB;QACE,KAAK,EAAE,yBAAyB;QAChC,WAAW,EACT,sLAAsL;QACxL,WAAW,EAAE,uBAAuB,CAAC,KAAK;QAC1C,WAAW,EAAE;YACX,YAAY,EAAE,IAAI;YAClB,eAAe,EAAE,KAAK;YACtB,cAAc,EAAE,IAAI;YACpB,aAAa,EAAE,KAAK;SACrB;KACF,EACD,KAAK,EAAE,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAC,CACpD,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,cAAc,EACd;QACE,KAAK,EAAE,qCAAqC;QAC5C,WAAW,EACT,mRAAmR;QACrR,WAAW,EAAE,qBAAqB,CAAC,KAAK;QACxC,WAAW,EAAE;YACX,YAAY,EAAE,IAAI;YAClB,eAAe,EAAE,KAAK;YACtB,cAAc,EAAE,KAAK;YACrB,aAAa,EAAE,KAAK;SACrB;KACF,EACD,KAAK,EAAE,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAClD,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,sBAAsB,EACtB;QACE,KAAK,EAAE,+BAA+B;QACtC,WAAW,EACT,0VAA0V;QAC5V,WAAW,EAAE,4BAA4B,CAAC,KAAK;QAC/C,WAAW,EAAE;YACX,YAAY,EAAE,IAAI;YAClB,eAAe,EAAE,KAAK;YACtB,cAAc,EAAE,IAAI;YACpB,aAAa,EAAE,KAAK;SACrB;KACF,EACD,KAAK,EAAE,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,sBAAsB,CAAC,IAAI,CAAC,CAAC,CACzD,CAAC;IAEF,MAAM,CAAC,YAAY,CACjB,eAAe,EACf;QACE,KAAK,EAAE,gBAAgB;QACvB,WAAW,EACT,gGAAgG;QAClG,WAAW,EAAE,qBAAqB,CAAC,KAAK;QACxC,WAAW,EAAE;YACX,YAAY,EAAE,IAAI;YAClB,eAAe,EAAE,KAAK;YACtB,cAAc,EAAE,IAAI;YACpB,aAAa,EAAE,KAAK;SACrB;KACF,EACD,KAAK,EAAE,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAClD,CAAC;IAEF,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,IAAI;IACxB,MAAM,MAAM,GAAG,YAAY,EAAE,CAAC;IAC9B,MAAM,SAAS,GAAG,IAAI,oBAAoB,EAAE,CAAC;IAE7C,sEAAsE;IACtE,MAAM,QAAQ,GAAG,KAAK,EAAE,MAAc,EAAiB,EAAE;QACvD,IAAI,CAAC;YACH,MAAM,MAAM,CAAC,KAAK,EAAE,CAAC;QACvB,CAAC;QAAC,MAAM,CAAC;YACP,cAAc;QAChB,CAAC;QACD,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,4BAA4B,MAAM,aAAa,CAAC,CAAC;QACtE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC,CAAC;IACF,OAAO,CAAC,EAAE,CAAC,SAAS,EAAE,GAAG,EAAE,CAAC,KAAK,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC;IACtD,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,GAAG,EAAE,CAAC,KAAK,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC;IAEpD,MAAM,MAAM,CAAC,OAAO,C
AAC,SAAS,CAAC,CAAC;IAChC,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,mBAAmB,OAAO,iCAAiC,CAC5D,CAAC;AACJ,CAAC;AAED,MAAM,QAAQ,GAAG,CAAC,GAAG,EAAE;IACrB,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,UAAU,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;QAC5C,OAAO,OAAO,KAAK,MAAM,CAAC,IAAI,CAAC,GAAG,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,QAAQ,CAAC,WAAW,CAAC,CAAC;IAC/E,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC,CAAC,EAAE,CAAC;AAEL,IAAI,QAAQ,EAAE,CAAC;IACb,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE;QACjB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,0BAA2B,CAAW,CAAC,OAAO,IAAI,CAAC,CAAC;QACzE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC,CAAC,CAAC;AACL,CAAC"}
|
package/dist/types.d.ts
CHANGED
|
@@ -82,6 +82,7 @@ export declare const CveIdSchema: z.ZodEnum<{
|
|
|
82
82
|
"mcp-sdk-rce-2026-04-22": "mcp-sdk-rce-2026-04-22";
|
|
83
83
|
"cve-2026-27124": "cve-2026-27124";
|
|
84
84
|
"nginx-mcp-rce-9.8": "nginx-mcp-rce-9.8";
|
|
85
|
+
"mcp-interpreter-eval-rce": "mcp-interpreter-eval-rce";
|
|
85
86
|
}>;
|
|
86
87
|
export type CveId = z.infer<typeof CveIdSchema>;
|
|
87
88
|
export declare const ScanCveReplayArgsSchema: z.ZodObject<{
|
|
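Review bot: The member added at new line 85 widens the exported `CveId` union (`z.infer<typeof CveIdSchema>`), which is a visible type change for any consumer that switches exhaustively over `CveId` or keys a `Record<CveId, T>` on it. Those builds stop type-checking after what package.json presents as a patch-level bump (0.1.1), so state the type change explicitly in the changelog entry next to the security note.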
@@ -90,6 +91,7 @@ export declare const ScanCveReplayArgsSchema: z.ZodObject<{
|
|
|
90
91
|
"mcp-sdk-rce-2026-04-22": "mcp-sdk-rce-2026-04-22";
|
|
91
92
|
"cve-2026-27124": "cve-2026-27124";
|
|
92
93
|
"nginx-mcp-rce-9.8": "nginx-mcp-rce-9.8";
|
|
94
|
+
"mcp-interpreter-eval-rce": "mcp-interpreter-eval-rce";
|
|
93
95
|
}>>>;
|
|
94
96
|
timeoutMs: z.ZodDefault<z.ZodNumber>;
|
|
95
97
|
}, z.core.$strip>;
|
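Review bot: The fixture-id enum nested in `ScanCveReplayArgsSchema` gains the new member at new line 94, but nothing in this hunk shows what the handler replays when that field is omitted. The `}>>>` close suggests the enum is wrapped (array plus optional or default) and not a required field, so confirm that the omitted case runs every member including `mcp-interpreter-eval-rce`, and add a test asserting it. A caller that relies on the default should not silently skip the new check.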
package/dist/types.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB;;;;GAIG;AACH,MAAM,WAAW,gBAAgB;IAC/B,8DAA8D;IAC9D,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,oEAAoE;IACpE,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,wFAAwF;IACxF,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,mFAAmF;IACnF,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,2EAA2E;IAC3E,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB;;;OAGG;IACH,eAAe,EAAE,MAAM,EAAE,CAAC;CAC3B;AAED,eAAO,MAAM,sBAAsB;;;;;;;iBAOjC,CAAC;AAEH,eAAO,MAAM,eAAe;;;;;EAAgD,CAAC;AAE7E;;GAEG;AACH,eAAO,MAAM,4BAA4B;;;;;;;;;;;;;;;;;;iBAMvC,CAAC;AACH,MAAM,MAAM,sBAAsB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,4BAA4B,CAAC,CAAC;AAElF;;GAEG;AACH,eAAO,MAAM,yBAAyB;;;iBAGpC,CAAC;AACH,MAAM,MAAM,mBAAmB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,yBAAyB,CAAC,CAAC;AAE5E,eAAO,MAAM,YAAY;;;;EAA6C,CAAC;AACvE,MAAM,MAAM,gBAAgB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,YAAY,CAAC,CAAC;AAE5D;;GAEG;AACH,eAAO,MAAM,WAAW
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB;;;;GAIG;AACH,MAAM,WAAW,gBAAgB;IAC/B,8DAA8D;IAC9D,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,oEAAoE;IACpE,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,wFAAwF;IACxF,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,mFAAmF;IACnF,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,2EAA2E;IAC3E,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB;;;OAGG;IACH,eAAe,EAAE,MAAM,EAAE,CAAC;CAC3B;AAED,eAAO,MAAM,sBAAsB;;;;;;;iBAOjC,CAAC;AAEH,eAAO,MAAM,eAAe;;;;;EAAgD,CAAC;AAE7E;;GAEG;AACH,eAAO,MAAM,4BAA4B;;;;;;;;;;;;;;;;;;iBAMvC,CAAC;AACH,MAAM,MAAM,sBAAsB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,4BAA4B,CAAC,CAAC;AAElF;;GAEG;AACH,eAAO,MAAM,yBAAyB;;;iBAGpC,CAAC;AACH,MAAM,MAAM,mBAAmB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,yBAAyB,CAAC,CAAC;AAE5E,eAAO,MAAM,YAAY;;;;EAA6C,CAAC;AACvE,MAAM,MAAM,gBAAgB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,YAAY,CAAC,CAAC;AAE5D;;GAEG;AACH,eAAO,MAAM,WAAW;;;;;EAKtB,CAAC;AACH,MAAM,MAAM,KAAK,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,WAAW,CAAC,CAAC;AAEhD,eAAO,MAAM,uBAAuB;;;;;;;;;iBAIlC,CAAC;AACH,MAAM,MAAM,iBAAiB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,uBAAuB,CAAC,CAAC;AAExE;;GAEG;AACH,eAAO,MAAM,qBAAqB;;;;;iBAKhC,CAAC;AACH,MAAM,MAAM,eAAe,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,qBAAqB,CAAC,CAAC;AAEpE;;GAEG;AACH,eAAO,MAAM,gBAAgB;;;EAAyC,CAAC;AACvE,MAAM,MAAM,UAAU,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,gBAAgB,CAAC,CAAC;AAE1D,eAAO,MAAM,4BAA4B;;;;;;;iBAIvC,CAAC;AACH,MAAM,MAAM,sBAAsB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,4BAA4B,CAAC,CAAC;AAElF;;;;;;;GAOG;AACH,eAAO,MAAM,qBAAqB;;;;;iBAUhC,CAAC;AACH,MAAM,MAAM,eAAe,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,qBAAqB,CAAC,CAAC;AAEpE;;;;;GAKG;AACH,MAAM,WAAW,sBAAsB;IACrC,gBAAgB,EAAE,MAAM,CAAC;IACzB,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,UAAU,CAAC;IACvB,eAAe,EAAE,MAAM,CAAC;IACxB,OAAO,EAAE,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE,MAAM,CAAC;IACX,gBAAgB,EAAE,MAAM,CAAC;IACzB,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;C
AChC;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC,gBAAgB,EAAE,MAAM,CAAC;IACzB,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,MAAM,EAAE,CAAC;IACf,SAAS,EAAE,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,CAAC;IAClD,OAAO,EAAE,gBAAgB,CAAC;IAC1B,kBAAkB,EAAE,MAAM,CAAC;IAC3B,+EAA+E;IAC/E,UAAU,EAAE,UAAU,CAAC;IACvB;;;;OAIG;IACH,eAAe,EAAE,MAAM,CAAC;IACxB,8DAA8D;IAC9D,qBAAqB,EAAE,MAAM,CAAC;IAC9B,YAAY,EAAE,MAAM,CAAC;CACtB"}
|
package/dist/types.js
CHANGED
|
@@ -35,7 +35,8 @@ export const AuditVerdict = z.enum(["approve", "block", "quarantine"]);
|
|
|
35
35
|
export const CveIdSchema = z.enum([
|
|
36
36
|
"mcp-sdk-rce-2026-04-22",
|
|
37
37
|
"cve-2026-27124",
|
|
38
|
-
"nginx-mcp-rce-9.8"
|
|
38
|
+
"nginx-mcp-rce-9.8",
|
|
39
|
+
"mcp-interpreter-eval-rce"
|
|
39
40
|
]);
|
|
40
41
|
export const ScanCveReplayArgsSchema = z.object({
|
|
41
42
|
targetServerCommand: z.string().min(1).max(2000),
|
package/dist/types.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAyBxB,MAAM,CAAC,MAAM,sBAAsB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC7C,UAAU,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IAC3C,UAAU,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IAC3C,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,EAAE;IAC7C,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,EAAE;IAC7C,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,EAAE;IAC9C,eAAe,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;CACjD,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,eAAe,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,CAAC,CAAC,CAAC;AAE7E;;GAEG;AACH,MAAM,CAAC,MAAM,4BAA4B,GAAG,CAAC,CAAC,MAAM,CAAC;IACnD,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC;IACpC,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC;IACnC,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IACxD,SAAS,EAAE,eAAe;IAC1B,gBAAgB,EAAE,sBAAsB,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC;CAC/D,CAAC,CAAC;AAGH;;GAEG;AACH,MAAM,CAAC,MAAM,yBAAyB,GAAG,CAAC,CAAC,MAAM,CAAC;IAChD,gBAAgB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACnC,aAAa,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC;CACtD,CAAC,CAAC;AAGH,MAAM,CAAC,MAAM,YAAY,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,SAAS,EAAE,OAAO,EAAE,YAAY,CAAC,CAAC,CAAC;AAGvE;;GAEG;AACH,MAAM,CAAC,MAAM,WAAW,GAAG,CAAC,CAAC,IAAI,CAAC;IAChC,wBAAwB;IACxB,gBAAgB;IAChB,mBAAmB;
|
|
1
|
+
{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAyBxB,MAAM,CAAC,MAAM,sBAAsB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC7C,UAAU,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IAC3C,UAAU,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IAC3C,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,EAAE;IAC7C,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,EAAE;IAC7C,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,EAAE;IAC9C,eAAe,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;CACjD,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,eAAe,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,CAAC,CAAC,CAAC;AAE7E;;GAEG;AACH,MAAM,CAAC,MAAM,4BAA4B,GAAG,CAAC,CAAC,MAAM,CAAC;IACnD,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC;IACpC,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC;IACnC,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IACxD,SAAS,EAAE,eAAe;IAC1B,gBAAgB,EAAE,sBAAsB,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC;CAC/D,CAAC,CAAC;AAGH;;GAEG;AACH,MAAM,CAAC,MAAM,yBAAyB,GAAG,CAAC,CAAC,MAAM,CAAC;IAChD,gBAAgB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACnC,aAAa,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC;CACtD,CAAC,CAAC;AAGH,MAAM,CAAC,MAAM,YAAY,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,SAAS,EAAE,OAAO,EAAE,YAAY,CAAC,CAAC,CAAC;AAGvE;;GAEG;AACH,MAAM,CAAC,MAAM,WAAW,GAAG,CAAC,CAAC,IAAI,CAAC;IAChC,wBAAwB;IACxB,gBAAgB;IAChB,mBAAmB;IACnB,0BAA0B;CAC3B,CAAC,CAAC;AAGH,MAAM,CAAC,MAAM,uBAAuB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC9C,mBAAmB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC;IAChD,MAAM,EAAE,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,
CAAC,EAAE,CAAC,CAAC,QAAQ,EAAE;IACtD,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC;CACpE,CAAC,CAAC;AAGH;;GAEG;AACH,MAAM,CAAC,MAAM,qBAAqB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC5C,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC;IACnC,cAAc,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC;IAC1C,mBAAmB,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC;IACvE,aAAa,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE;CACrD,CAAC,CAAC;AAGH;;GAEG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,cAAc,EAAE,YAAY,CAAC,CAAC,CAAC;AAGvE,MAAM,CAAC,MAAM,4BAA4B,GAAG,CAAC,CAAC,MAAM,CAAC;IACnD,gBAAgB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACnC,SAAS,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC;IACvD,IAAI,EAAE,gBAAgB;CACvB,CAAC,CAAC;AAGH;;;;;;;GAOG;AACH,MAAM,CAAC,MAAM,qBAAqB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC5C,gBAAgB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;IAC9C,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,EAAE;IACvC,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC;IAC3D,4BAA4B,EAAE,CAAC;SAC5B,MAAM,EAAE;SACR,GAAG,EAAE;SACL,GAAG,CAAC,CAAC,CAAC;SACN,GAAG,CAAC,GAAG,CAAC;SACR,OAAO,CAAC,CAAC,CAAC;CACd,CAAC,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "mcp-rce-guard",
|
|
3
|
-
"version": "0.1.
|
|
3
|
+
"version": "0.1.1",
|
|
4
4
|
"description": "v0.1 policy-synthesis (descriptor-only) for MCP-server RCE defense: landlock/sandbox-exec/cgroups-v2 profile builder + CVE-replay predicates + canary tracker + append-only NDJSON audit log. v0.2 adds native enforcement + verified Acra-pattern audit-log signing.",
|
|
5
5
|
"license": "MIT",
|
|
6
6
|
"author": "Matthias Meyer (StudioMeyer)",
|
|
@@ -28,6 +28,7 @@
|
|
|
28
28
|
"files": [
|
|
29
29
|
"dist",
|
|
30
30
|
"README.md",
|
|
31
|
+
"CHANGELOG.md",
|
|
31
32
|
"LICENSE"
|
|
32
33
|
],
|
|
33
34
|
"scripts": {
|
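Review bot: The `files` list at new lines 29-32 publishes `dist` together with its `.js.map` and `.d.ts.map` files, and the maps in this diff point at `../src/*.ts` (for example `"sources":["../src/server.ts"]`) with no embedded source, while `src` is not in the list. For a consumer the maps therefore resolve to nothing. Either add `src` to `files`, embed the sources in the maps (`inlineSources` in the TypeScript config), or leave the maps out of the tarball.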