mirror/nanobot
1
0
Fork 0
mirror of https://github.com/HKUDS/nanobot.git synced 2026-05-05 09:15:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(filesystem): add media directory exemption to filesystem tool path checks

Browse Source
This commit is contained in:
Shiniese 2026-04-01 16:19:53 +08:00 committed by Xubin Ren
parent bc879386fe
commit 624f607872
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
nanobot/agent/tools/filesystem.py
View File

@ -21,7 +21,9 @@ def _resolve_path(
p = workspace / p p = workspace / p
resolved = p.resolve() resolved = p.resolve()
if allowed_dir: if allowed_dir:
all_dirs = [allowed_dir] + (extra_allowed_dirs or []) from nanobot.config.paths import get_runtime_subdir
media_path = get_runtime_subdir("media").resolve()
all_dirs = [allowed_dir] + [media_path] + (extra_allowed_dirs or [])
if not any(_is_under(resolved, d) for d in all_dirs): if not any(_is_under(resolved, d) for d in all_dirs):
raise PermissionError(f"Path {path} is outside allowed directory {allowed_dir}") raise PermissionError(f"Path {path} is outside allowed directory {allowed_dir}")
return resolved return resolved