fix(security): use 0o600 permissions for session transcript files #8751
Open
revenuestack wants to merge 1 commit into openclaw:main from
Session transcript .jsonl files were being created with 0o644 (world-readable) permissions instead of 0o600 (user-only). These files may contain sensitive conversation data including accidentally shared API keys or tokens.
This fix applies mode: 0o600 to all session transcript file writes to match the security model used by other sensitive files like openclaw.json and auth-profiles.json.
Fixes openclaw#7862
Co-Authored-By: Claude Opus 4.5 <[email protected]>
Additional Comments (1)
Path: src/config/sessions/transcript.ts
Line: 67:69
Comment:
[P1] `ensureSessionHeader` still creates the transcript directory with default permissions.
You now set the transcript file mode to `0o600`, but the containing directory is created via `fs.promises.mkdir(..., { recursive: true })` (no `mode`). If the directory already exists with permissive bits, users on the same machine can still list/inspect filenames and metadata (and on some systems traverse if execute bit is set). Other sensitive stores in the repo typically use `mode: 0o700` for directories. Consider passing `mode: 0o700` here as well (best-effort, knowing `recursive` may not chmod existing dirs).
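The caveat raised in the review comment above, as an added example that is not part of the PR or of OpenClaw's code: in Node.js the `mode` option on a file write or on `mkdir` only takes effect when the entry is created, so transcripts and directories that already exist keep their old bits. The helper names (`appendPrivate`, `findLoose`, `demo`) and the temporary paths are hypothetical, and POSIX permissions are assumed.

```javascript
// Added example (not OpenClaw code): helper and path names are hypothetical.
const fs = require("node:fs");
const os = require("node:os");
const path = require("node:path");

const modeOf = (p) => fs.statSync(p).mode & 0o777;

// Create or append to a transcript so that both it and its directory end up
// owner-only, even if either already existed with looser bits.
function appendPrivate(file, line) {
  const dir = path.dirname(file);
  fs.mkdirSync(dir, { recursive: true, mode: 0o700 }); // mode ignored if dir exists
  fs.chmodSync(dir, 0o700);                            // so tighten explicitly
  const fd = fs.openSync(file, "a", 0o600);            // mode used only on create
  try {
    fs.fchmodSync(fd, 0o600);                          // tighten a pre-existing file
    fs.writeSync(fd, line + "\n");
  } finally {
    fs.closeSync(fd);
  }
}

// Audit: the directory and its direct entries that grant group/other access.
function findLoose(dir) {
  return [dir, ...fs.readdirSync(dir).map((n) => path.join(dir, n))]
    .filter((p) => (modeOf(p) & 0o077) !== 0);
}

// Constructed scenario: a transcript left behind with 0o644 in a 0o755 directory.
function demo() {
  const root = fs.mkdtempSync(path.join(os.tmpdir(), "transcripts-"));
  const dir = path.join(root, "sessions");
  const file = path.join(dir, "legacy.jsonl");
  fs.mkdirSync(dir);
  fs.chmodSync(dir, 0o755);
  fs.writeFileSync(file, '{"type":"session"}\n');
  fs.chmodSync(file, 0o644);

  // Rewriting an existing file with mode: 0o600 replaces content, not its mode.
  fs.writeFileSync(file, '{"type":"session"}\n', { mode: 0o600 });
  const afterWriteFile = modeOf(file);
  const looseBefore = findLoose(dir).length;

  appendPrivate(file, '{"type":"message"}');
  const result = { afterWriteFile, looseBefore, fileMode: modeOf(file),
    dirMode: modeOf(dir), looseAfter: findLoose(dir).length };
  fs.rmSync(root, { recursive: true, force: true });
  return result;
}
```

Running `findLoose` over an existing sessions directory after upgrading shows which transcripts still need a one-time `chmod`.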
samuelberston added a commit to samuelberston/openclaw that referenced this pull request Feb 14, 2026
Session transcript .jsonl files contain full conversation history including user messages, tool call arguments, and model responses. Previously created with default 0o644 (world-readable) permissions. Restrict all session file write paths to 0o600 (owner-only), matching the permission model already used by saveJsonFile() for credential and config files (CWE-732).
Write paths fixed:
- config/sessions/transcript.ts (ensureSessionHeader)
- agents/pi-embedded-helpers/bootstrap.ts (ensureSessionHeader)
- agents/pi-embedded-runner/session-manager-init.ts (reset path)
- auto-reply/reply/session.ts (forkSessionFromParent)
- gateway/server-methods/chat.ts (ensureTranscriptFile)
- gateway/server-methods/sessions.ts (manual compaction)
- agents/session-file-repair.ts (backup + repair writes)
Closes openclaw#8751
Co-authored-by: Cursor <[email protected]>
bfc1ccb to f92900f
Greptile Overview
Greptile Summary
This PR updates session transcript `.jsonl` creation/reset paths to write with `mode: 0o600` (owner read/write only) instead of relying on defaults, aligning transcript files with other sensitive local state (e.g., config/auth stores).
Changes touch:
- `src/config/sessions/transcript.ts`: `ensureSessionHeader` now writes the initial header with `0o600`.
- `src/auto-reply/reply/session.ts`: forked session transcript creation writes the header with `0o600`.
- `src/agents/pi-embedded-runner/session-manager-init.ts`: session file reset now enforces `0o600`.
Overall, the fix meaningfully reduces exposure of potentially sensitive conversation content on multi-user systems by preventing world-readable transcript files.
Confidence Score: 4/5