fix(security): patch 4 critical vulnerabilities #246
Open
Frankshen923 wants to merge 1 commit into dataelement:main from
Security audit identified 4 critical issues. All patched with minimal changes.

1. Unauthenticated API key generation (gateway.py)
   - Added Depends(get_current_user) + creator/admin role check
   - Used existing check_agent_access() for consistent auth
2. API keys stored in plaintext (enterprise.py, agents.py, task_executor.py)
   - LLM API keys: encrypt with existing encrypt_data()/decrypt_data() (AES-256)
   - Agent API keys: hash with SHA-256 (consistent with create flow)
3. Default JWT secrets accepted in production (main.py)
   - Startup check: refuse to boot with "change-me" secrets unless DEBUG=true
4. Multi-tenant isolation gaps (permissions.py, plaza.py, task_executor.py)
   - check_agent_access(): validate tenant_id match for non-admin users
   - Plaza API: enforce tenant from JWT, not optional query parameter
   - LLM model lookup: filter by agent's tenant_id
Summary

Security audit identified 4 critical vulnerabilities. This PR patches all of them with minimal, focused changes (7 files, +63/-23 lines).

1. Unauthenticated API Key Generation (gateway.py)
   - POST /gateway/agents/{agent_id}/api-key had no authentication. Added Depends(get_current_user) + creator/admin role check using existing check_agent_access().
2. API Keys Stored in Plaintext (enterprise.py, agents.py, task_executor.py)
   - LLM API keys: encrypted with existing encrypt_data()/decrypt_data() (AES-256-CBC)
   - Agent API keys: hashed with SHA-256, consistent with the create flow (gateway.py)
3. Default JWT Secrets Accepted in Production (main.py)
   - Added startup check: application refuses to boot if SECRET_KEY or JWT_SECRET_KEY contains "change-me" unless DEBUG=true.
4. Multi-Tenant Isolation Gaps (permissions.py, plaza.py, task_executor.py)
   - check_agent_access(): Added tenant_id validation for non-admin users
   - list_posts and plaza_stats now require authentication and enforce tenant from JWT
   - LLM model lookup: added tenant_id filter to prevent cross-tenant model access

Test Plan
- POST /gateway/agents/{id}/api-key returns 401 without auth token
- Stored LLM API keys are encrypted (api_key_encrypted column is ciphertext)
- GET /plaza/posts without auth returns 401; with auth returns only own tenant's posts

Notes
- Reuses existing helpers (encrypt_data, check_agent_access, get_current_user) — no new dependencies

🤖 Generated with Claude Code
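The access-control half of this PR (items 1 and 4: an authenticated identity as a hard requirement, creator-or-admin on agents, and the tenant taken from the verified token rather than from a caller-supplied query parameter) can be shown without the web framework. The following is an added example written for this page, not code from the PR or the project: the `User`/`Agent`/`Post` records, the in-memory tables, the role names and the `access_decision`/`list_posts_before` helpers are all assumptions, and `get_current_user` stands in for the real JWT dependency by taking an already-verified claims dict.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional


class Unauthenticated(Exception):
    """No verified identity on the request (would map to HTTP 401)."""


class Forbidden(Exception):
    """Caller is authenticated but may not touch this resource (HTTP 403)."""


@dataclass(frozen=True)
class User:
    user_id: int
    tenant_id: int
    role: str  # "admin" or "user"; role names are an assumption


@dataclass(frozen=True)
class Agent:
    agent_id: str
    tenant_id: int
    creator_id: int


@dataclass(frozen=True)
class Post:
    post_id: int
    tenant_id: int
    title: str


# Constructed sample rows spanning two tenants (not project data).
AGENTS: Dict[str, Agent] = {
    "agent-a1": Agent("agent-a1", tenant_id=1, creator_id=10),
    "agent-b1": Agent("agent-b1", tenant_id=2, creator_id=20),
}
POSTS: List[Post] = [
    Post(1, tenant_id=1, title="tenant-1 post"),
    Post(2, tenant_id=2, title="tenant-2 post"),
]


def get_current_user(claims: Optional[dict]) -> User:
    """Stand-in for the JWT dependency.

    `claims` is assumed to be the payload of a token whose signature has
    already been verified; identity and tenant come from it and nothing else.
    """
    if not claims:
        raise Unauthenticated("missing or invalid token")
    return User(int(claims["sub"]), int(claims["tenant_id"]), claims.get("role", "user"))


def check_agent_access(user: User, agent_id: str) -> Agent:
    """Creator-or-admin check, plus a tenant match for everyone who is not admin."""
    agent = AGENTS.get(agent_id)
    if agent is None:
        raise Forbidden("not permitted")
    if user.role == "admin":
        return agent
    # Same message for "other tenant" and "not the creator" so a probing
    # caller cannot learn which agent ids exist in other tenants.
    if agent.tenant_id != user.tenant_id:
        raise Forbidden("not permitted")
    if agent.creator_id != user.user_id:
        raise Forbidden("not permitted")
    return agent


def access_decision(claims: Optional[dict], agent_id: str) -> str:
    """Both checks as one decision: 'allow', '401' or '403' (the status an endpoint would send)."""
    try:
        check_agent_access(get_current_user(claims), agent_id)
    except Unauthenticated:
        return "401"
    except Forbidden:
        return "403"
    return "allow"


def list_posts_before(tenant_id: Optional[int] = None) -> List[Post]:
    """Shape of the listing before the fix: no identity, tenant is an optional
    query parameter the caller picks, and omitting it returns every tenant's rows."""
    return [p for p in POSTS if tenant_id is None or p.tenant_id == tenant_id]


def list_posts(claims: Optional[dict]) -> List[Post]:
    """Shape after the fix: caller must be authenticated and sees only its own tenant."""
    user = get_current_user(claims)
    return [p for p in POSTS if p.tenant_id == user.tenant_id]
```

The point to carry over to the real endpoints is that `tenant_id` is never read from the request body or query string once the token is verified; anything the client can choose is, by construction, not an isolation boundary.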
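Items 2 and 3 of the PR are both about secret hygiene: agent API keys are stored as a SHA-256 digest instead of plaintext, and the process refuses to boot on placeholder signing secrets unless DEBUG=true. The block below is an added example for this page, not the PR's or the project's code. It assumes an in-memory `API_KEY_INDEX`, the helper names `issue_agent_key`/`resolve_agent`/`find_weak_secrets`/`boot_permitted`, a `MIN_SECRET_LEN` floor that the PR does not impose, and leaves out the AES encryption of third-party LLM keys, which depends on a key-management choice the page does not describe.

```python
import hashlib
import secrets
from typing import Dict, List, Optional

# Constructed in-memory store: SHA-256 hex digest of the key -> agent_id.
# Only digests are kept, so a dump of this table yields no usable keys.
API_KEY_INDEX: Dict[str, str] = {}


def hash_api_key(api_key: str) -> str:
    """Unsalted SHA-256 is acceptable here only because the key is a fresh
    256-bit random token: there is nothing for a dictionary attack to guess,
    and the digest must be deterministic to double as the lookup index.
    (Human-chosen passwords would need a salted, slow KDF instead.)"""
    return hashlib.sha256(api_key.encode("utf-8")).hexdigest()


def issue_agent_key(agent_id: str) -> str:
    """Create a key for an agent, persist its digest, return the plaintext once."""
    api_key = "sk-" + secrets.token_urlsafe(32)  # 256 bits of entropy; prefix is an assumption
    API_KEY_INDEX[hash_api_key(api_key)] = agent_id
    return api_key


def resolve_agent(presented: str) -> Optional[str]:
    """Map a presented key to its agent; None means reject.

    The dict lookup is keyed on the digest, so lookup timing depends on the
    digest of a high-entropy secret, not on the secret itself."""
    return API_KEY_INDEX.get(hash_api_key(presented))


PLACEHOLDER = "change-me"
REQUIRED_SECRETS = ("SECRET_KEY", "JWT_SECRET_KEY")
MIN_SECRET_LEN = 32  # assumption: floor for an HMAC signing key, not from the PR


def find_weak_secrets(env: Dict[str, str]) -> List[str]:
    """Names of secrets that are unset, still contain the placeholder, or are
    shorter than MIN_SECRET_LEN. The PR checks only the placeholder; the other
    two conditions are added here."""
    weak = []
    for name in REQUIRED_SECRETS:
        value = env.get(name, "")
        if not value or PLACEHOLDER in value or len(value) < MIN_SECRET_LEN:
            weak.append(name)
    return weak


def boot_permitted(env: Dict[str, str]) -> bool:
    """True if the process may start: no weak secrets, or DEBUG=true set explicitly."""
    debug = env.get("DEBUG", "").strip().lower() == "true"
    return debug or not find_weak_secrets(env)


def startup_secret_guard(env: Dict[str, str]) -> None:
    """Call once at startup; raising here aborts the boot before any request is served."""
    if not boot_permitted(env):
        names = ", ".join(find_weak_secrets(env))
        raise RuntimeError(
            f"refusing to start: {names} unset, placeholder, or too short; "
            "set real secrets or DEBUG=true for local development only"
        )


if __name__ == "__main__":
    # Constructed environment standing in for os.environ.
    env = {"SECRET_KEY": "x" * 40, "JWT_SECRET_KEY": "y" * 40, "DEBUG": "false"}
    startup_secret_guard(env)
    key = issue_agent_key("agent-a1")
    print("issued key resolves to:", resolve_agent(key))
```

Two caveats worth carrying into the real change: a substring match on "change-me" catches the shipped defaults but not an operator who types "secret" or "password", hence the length floor above; and the plaintext key must be shown exactly once at issue time, since the server cannot recover it from the digest later.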