ros/claude-code
1
0
Fork 0
mirror of https://github.com/anthropics/claude-code.git synced 2026-01-30 04:02:03 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
claude/fix-deny-rules-symlink-cjxxn
claude-code/plugins/security-guidance
History
Claude ff0fdc0676 fix(security): Resolve symlinks before checking deny rules (CVE-2025-59829) 
This commit fixes a security vulnerability where deny rules could be
bypassed by creating symbolic links to restricted files.

Changes:
- Add symlink resolution in rule_engine.py _extract_field method
- Add symlink resolution in security_reminder_hook.py check_patterns
- Create new symlink_deny_hook.py for blocking symlinks to system paths
- Include Read tool in file event handlers for deny rule checking
- Update hooks.json to apply security hooks to Read tool

The vulnerability allowed attackers to bypass deny rules like
Read(/etc/passwd) by creating a symlink (e.g., ln -s /etc/passwd test.txt)
and then reading the symlink instead of the restricted file directly.

The fix uses os.path.realpath() to resolve all symlinks to their canonical
paths before checking against deny patterns, ensuring that deny rules are
enforced regardless of whether the path is accessed directly or via symlink.
2026-01-08 20:08:08 +00:00
..
.claude-plugin
feat: Add security-guidance plugin in claude-code repo (#9223)
2025-10-09 09:10:43 -07:00
hooks
fix(security): Resolve symlinks before checking deny rules (CVE-2025-59829)
2026-01-08 20:08:08 +00:00