Commit Graph

4 Commits

Author SHA1 Message Date
Simon Wisselink 17fae11a38 update documentation for building and previewing with mkdocs, fix unit tests for windows 2026-06-24 10:33:14 +02:00
Simon Wisselink 99c048ce7a Security: prevent symlink path traversal out of secure_dir (CWE-22)
Security::_checkDir() validated file access using Smarty::_realpath(),
which only normalizes paths as strings and never follows symlinks. A
symlink placed inside a trusted secure_dir/template directory therefore
passed the trust check while file_get_contents() followed it to an
arbitrary file (e.g. /etc/passwd), affecting {include} and {fetch} of
local files.

Resolve the requested file with native realpath() and re-validate the
canonical, symlink-free path against the trusted directories. The trusted
directories are canonicalized the same way so legitimate symlinked
deployment paths (e.g. a Capistrano "current" release symlink, or macOS'
/var -> /private/var) keep working. Falls back to string normalization
only when the file does not yet exist on disk.

Adds regression tests covering both the rejected escape and an allowed
in-sandbox symlink, and documents the changelog convention in AGENTS.md.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-24 00:15:19 +02:00
Simon Wisselink 0775fa84d1 Agents instructions 2026-06-23 22:52:51 +02:00
Simon Wisselink aa2dcd82cf Added AGENTS.md for improved vibe coding experience 2026-04-10 22:57:32 +02:00