_resolve_allowed_personal_dir confined a user-supplied path to PERSONAL_DIR with os.path.abspath + os.path.commonpath. abspath normalises `..` but does NOT resolve symlinks, so a symlink placed inside PERSONAL_DIR pointing outside it passes the commonpath check and lets index_personal_documents read files outside the root.

Use os.path.realpath for both the base and the candidate so symlinks are resolved before the confinement check.

Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
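The confinement check described in this commit message, reproduced as an added example that is not the project's own code: `confine_abspath`, `confine_realpath` and `demo` are hypothetical names, and the directory layout is constructed in a temporary directory (assumes a platform where `os.symlink` is permitted).

```python
import os
import tempfile


def confine_abspath(base, user_path):
    """Behaviour the message describes before the fix: abspath + commonpath."""
    base_abs = os.path.abspath(base)
    cand = os.path.abspath(os.path.join(base_abs, user_path))
    # abspath collapses ".." textually but never looks at the filesystem,
    # so a symlink component is compared by its name, not its target.
    if os.path.commonpath([base_abs, cand]) != base_abs:
        raise ValueError("path escapes base directory")
    return cand


def confine_realpath(base, user_path):
    """Fixed form: resolve symlinks in BOTH base and candidate first."""
    base_real = os.path.realpath(base)
    cand = os.path.realpath(os.path.join(base_real, user_path))
    if os.path.commonpath([base_real, cand]) != base_real:
        raise ValueError("path escapes base directory")
    return cand


def demo():
    """Run both checks over constructed inputs; return {(check, path): verdict}."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        personal = os.path.join(tmp, "personal")  # stands in for PERSONAL_DIR
        outside = os.path.join(tmp, "outside")    # must not be reachable
        os.mkdir(personal)
        os.mkdir(outside)
        # Constructed sample: a symlink inside the root pointing outside it.
        os.symlink(outside, os.path.join(personal, "link"))
        checks = (("abspath", confine_abspath), ("realpath", confine_realpath))
        for name, check in checks:
            for path in ("notes", "../outside", "link"):
                try:
                    check(personal, path)
                    results[(name, path)] = "allowed"
                except ValueError:
                    results[(name, path)] = "rejected"
    return results


if __name__ == "__main__":
    for key, verdict in sorted(demo().items()):
        print(key, verdict)
```

The realpath check validates the path at the moment it runs; a caller should open the returned resolved path rather than re-joining the original user input, since a symlink swapped in after the check is not covered by it.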