
feat: add allow_exec_sugid config option for setuid binary execution #26

Merged: Pierozi merged 4 commits into main from feat/setuid on Feb 26, 2026



@Pierozi Pierozi commented Feb 25, 2026

Summary

  • Adds opt-in execution of setuid/setgid binaries (e.g., /bin/ps) for MCP servers
  • Maintains secure deny-by-default policy while resolving forbidden-exec-sugid violations
  • Supports three modes: deny (default), allow all, allow specific paths
  • Integrates across config, CLI, profiles, and seatbelt generation

Implementation

Core Types (src/config/schema.rs):

  • ExecSugid enum with clean TOML syntax: false, true, or ["/bin/ps"]

Config/Profile System:

  • Profile field with last-wins/paths-union merge semantics
  • Config merge: project overrides global; paths are unioned
  • Merge helper for safe composition

CLI (src/cli/args.rs, src/cli/commands.rs):

  • --allow-exec-sugid PATH flag (repeatable, path-based only)
  • determine_exec_sugid() with CLI > profile > config precedence
  • --explain shows sugid status; --init template includes example

Seatbelt (src/sandbox/seatbelt.rs):

  • Rules emitted after (allow signal):
    • Allow(true) → (allow process-exec* (with no-sandbox))
    • Paths → per-path (allow process-exec (with no-sandbox) (literal "..."))
    • Allow(false) → comment only (default deny)
  • Full path validation against injection attacks

Test plan

  • Unit tests: 8 schema (serde, default, is_default)
  • Unit tests: 7 seatbelt (deny, allow, paths, validation, ordering)
  • Config tests: 5 (TOML parsing, merge semantics, union merging)
  • Profile tests: 4 (compose, last-wins, paths-union, inheritance)
  • CLI tests: 2 (single path, multiple paths)
  • All 221 tests pass (76 unit + 145 integration)
  • Manual verification: dry-run and explain commands work as expected

Add opt-in execution of setuid/setgid binaries for MCP server support.
Resolves forbidden-exec-sugid violations while maintaining secure deny-by-default.

- New ExecSugid enum: Allow(bool) or Paths(Vec<String>)
- Config field with TOML syntax: false (deny), true (allow all), ["/bin/ps"]
- Profile composing with last-wins/paths-union merge semantics
- Config merge: project overrides global, paths are unioned
- CLI flag --allow-exec-sugid PATH (repeatable, path-based only)
- Seatbelt rule generation with path validation
- explain command shows sugid status; init template includes example
- 27 new tests across schema, seatbelt, config, profile, and CLI
- Add allow_exec_sugid examples to global and project config templates
- Document three modes: deny (default), allow all, allow specific paths
- Add CLI flag usage and merge semantics explanation
- Update PROFILES.md with custom profile example and merge rules
- Add SECURITY.md section explaining deny-by-default behavior and seatbelt rules
- Update generated seatbelt profile example with sugid rule example
@Pierozi Pierozi merged commit eede442 into main Feb 26, 2026
6 checks passed
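
The merge semantics and seatbelt rule generation described in this PR, sketched as an added example that is not the project's code. `merge`, `path_rule` and `sugid_rules` are hypothetical names, and both the specific path checks (absolute path, no quote, backslash or control character, no `..` component) and the reading of "last-wins/paths-union" are assumptions.

```rust
// Added illustration, not the project's code. Type and rule text follow the PR
// description; the validation rules and exact merge behaviour are assumptions.
#[derive(Debug, Clone, PartialEq)]
enum ExecSugid {
    Allow(bool),
    Paths(Vec<String>),
}

impl ExecSugid {
    // Assumed "last-wins/paths-union": two path lists are unioned, otherwise the later value wins.
    fn merge(self, later: ExecSugid) -> ExecSugid {
        match (self, later) {
            (ExecSugid::Paths(mut a), ExecSugid::Paths(b)) => {
                for p in b { if !a.contains(&p) { a.push(p); } }
                ExecSugid::Paths(a)
            }
            (_, later) => later,
        }
    }
}

// Validate one path, then emit its rule. The checks reject input that could close
// the quoted profile literal early or name a different file than the one reviewed.
fn path_rule(p: &str) -> Result<String, String> {
    if !p.starts_with('/') {
        return Err(format!("not an absolute path: {p:?}"));
    }
    if p.chars().any(|c| c == '"' || c == '\\' || c.is_control()) {
        return Err(format!("character not allowed in {p:?}"));
    }
    if p.split('/').any(|seg| seg == "..") {
        return Err(format!("parent-directory component in {p:?}"));
    }
    Ok(format!("(allow process-exec (with no-sandbox) (literal \"{p}\"))"))
}

// One profile line per allowed path; a single invalid path rejects the whole list.
fn sugid_rules(cfg: &ExecSugid) -> Result<Vec<String>, String> {
    match cfg {
        ExecSugid::Allow(false) => Ok(vec!["; allow_exec_sugid: deny (default)".to_string()]),
        ExecSugid::Allow(true) => Ok(vec!["(allow process-exec* (with no-sandbox))".to_string()]),
        ExecSugid::Paths(paths) => paths.iter().map(|p| path_rule(p)).collect(),
    }
}

fn main() {
    // Constructed sample: a global config and a project config, each listing one path.
    let cfg = ExecSugid::Paths(vec!["/bin/ps".into()]).merge(ExecSugid::Paths(vec!["/usr/bin/top".into()]));
    println!("{:#?}", sugid_rules(&cfg));
}
```

Failing the whole list on one bad path keeps a partially valid configuration from silently producing a profile that differs from what the operator wrote.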