Fix 8 code-review findings: security + reliability

1. agent.py: shell allow-check reads cfg, not server payload (RCE fix)
2. webhook.php: move WEBHOOK_SECRET to gitignored config.php; rotate secret
3. agent.py: replace recursive main() with while loop (RecursionError fix)
4. jarvis-deploy.sh: push force-revert to GitHub on syntax fail (loop fix)
5. agent.py: self_update() verifies SHA-256 before exec (integrity fix)
6. agent.php: remove JARVIS_IP from browser-action bypass (auth fix)
7. jarvis-watchdog.sh: escape SQL vars in alert() to prevent injection
8. jarvis-deploy.sh: atomic mv instead of cat+truncate (TOCTOU fix)

Also: distribute jarvis-agent.py.sha256 alongside agent for integrity checks
This commit is contained in:
2026-05-25 14:27:27 +00:00
parent 45fef11785
commit ecbc2e09a5
7 changed files with 99 additions and 27 deletions
+1 -1
View File
@@ -53,7 +53,7 @@ if ($agentAction !== 'register') {
if (in_array($agentAction, $browserActions)) {
$token = $_SESSION['jarvis_token'] ?? '';
$localIP = $_SERVER['REMOTE_ADDR'] ?? '';
if (empty($token) && !in_array($localIP, ['127.0.0.1', '::1', JARVIS_IP])) {
if (empty($token) && !in_array($localIP, ['127.0.0.1', '::1'])) {
agent_error(401, 'Unauthorized');
}
$agent = null;