zeroclaw/src/security
Alex Gorevski 56af0d169e fix(security): change pairing lockout to per-client accounting
Replace global failed-attempt counter with per-client HashMap keyed by
client identity (IP address for gateway, chat_id for Telegram).  This
prevents a single attacker from locking out all legitimate clients.

Bounded state: entries are evicted after lockout expiry, and the map is
capped at 1024 tracked clients.

Closes #603

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-02-19 07:33:11 -08:00
audit.rs chore: Remove blocking read strings 2026-02-19 14:52:29 +08:00
bubblewrap.rs readd tests, remove markdown files 2026-02-18 14:42:39 +08:00
detect.rs fix(channels): execute tool calls in channel runtime (#302) 2026-02-16 05:07:01 -05:00
docker.rs readd tests, remove markdown files 2026-02-18 14:42:39 +08:00
firejail.rs readd tests, remove markdown files 2026-02-18 14:42:39 +08:00
landlock.rs readd tests, remove markdown files 2026-02-18 14:42:39 +08:00
mod.rs fix(security): prevent cleartext logging of sensitive data 2026-02-18 20:12:45 -08:00
pairing.rs fix(security): change pairing lockout to per-client accounting 2026-02-19 07:33:11 -08:00
policy.rs fix(security): parse shell separators only when unquoted 2026-02-19 19:03:20 +08:00
secrets.rs chore: Remove blocking read strings 2026-02-19 14:52:29 +08:00
traits.rs fix(channels): execute tool calls in channel runtime (#302) 2026-02-16 05:07:01 -05:00