fix sudo-unshare sandbox: drop privileges after PROC_CLEANUP (#383)

the sudo-unshare sandbox path runs the entire command as root, causing
files modified by shell commands (e.g. git merge) to become root-owned.
this breaks file_write/file_edit which run in the Node.js parent process
as the normal user (EACCES errors).

after PROC_CLEANUP (which needs root for umount/mount), drop back to
the original user via `su -p` so file operations match the uid of the
parent process. security-neutral: PID namespace isolation is the barrier,
not privilege level inside it.

Co-authored-by: Cursor <cursoragent@cursor.com>
This commit is contained in:
Colin McDonnell
2026-02-25 01:37:40 +00:00
committed by pullfrog[bot]
parent 52ec35790a
commit f8a871f723
2 changed files with 11 additions and 2 deletions
+4 -1
View File
@@ -143922,6 +143922,7 @@ function SelectModeTool(ctx) {
import { spawn as spawn2, spawnSync as spawnSync3 } from "node:child_process";
import { randomUUID as randomUUID3 } from "node:crypto";
import { closeSync, openSync, writeFileSync as writeFileSync7 } from "node:fs";
import { userInfo } from "node:os";
import { join as join9 } from "node:path";
var ShellParams = type({
command: "string",
@@ -143986,6 +143987,8 @@ function spawnShell(params) {
envArgs.push(`${k}=${v}`);
}
}
const username = userInfo().username;
const escaped = params.command.replace(/'/g, "'\\''");
return spawn2(
"sudo",
[
@@ -143997,7 +144000,7 @@ function spawnShell(params) {
"--mount-proc",
"bash",
"-c",
`${PROC_CLEANUP} ${params.command}`
`${PROC_CLEANUP} exec su -p -s /bin/bash ${username} -c '${escaped}'`
],
{ ...spawnOpts, env: {} }
);