feat(security): 新增工具沙箱安全机制

为所有工具插件添加沙箱拦截层,防止危险的文件访问、Shell命令和Python代码执行。
包含配置文件、核心校验逻辑及31个单元测试。

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-06-03 12:09:15 +00:00
parent a53ffebe0e
commit 80174acaae
9 changed files with 502 additions and 8 deletions
+46
@@ -0,0 +1,46 @@
# KiloStar 沙箱安全策略配置
sandbox:
enabled: true
# 文件系统沙箱
filesystem:
workspace_root: "/tmp/kilostar_workspace"
allowed_read_paths:
- "/tmp"
denied_paths:
- "/etc/shadow"
- "/etc/passwd"
- "/root"
# Shell 命令沙箱
shell:
enabled: true
blocked_commands:
- "rm -rf /"
- "mkfs"
- "dd "
- "shutdown"
- "reboot"
blocked_operators:
- "&&"
- "||"
- ";"
- "`"
- "$("
max_timeout: 60
# Python 执行器沙箱
python_executor:
enabled: true
max_timeout: 30
blocked_imports:
- "os"
- "subprocess"
- "shutil"
- "socket"
- "ctypes"
blocked_builtins:
- "exec"
- "eval"
- "compile"
- "__import__"
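Review bot: The `shell.blocked_operators` list covers `&&`, `||`, `;`, backtick and `$(` but leaves a single `|`, redirection (`>`, `<`) and an embedded newline unlisted, so piping and writes outside `workspace_root` are not addressed by this policy as written. I would add entries such as `- "|"`, `- ">"` and `- "\n"`. `blocked_commands`, `python_executor.blocked_imports` and `blocked_builtins` are denylists as well; assuming the checker (not shown in this file) matches them textually, they are defence-in-depth rather than the isolation boundary, which a comment above `shell:` should state, e.g. `# Denylist only: tools must still run as an unprivileged user inside an OS-level sandbox`. Separately, `allowed_read_paths` is `/tmp`, a shared world-writable directory, so the path check should resolve symlinks and normalise the path before comparing against `denied_paths` and `workspace_root`; whether it does so cannot be confirmed from this file.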