
fix(install): restrict ~/.hermes/.env to owner-only permissions (0600) (#25477)#25533

Closed
Bartok9 wants to merge 1 commit into NousResearch:main from Bartok9:fix/25477-env-file-permissions

Conversation

@Bartok9 (Contributor) commented May 14, 2026

Summary

Fixes #25477 — installer leaves ~/.hermes/.env world/group-readable, exposing API keys.

Root Cause

The installer uses cp and touch to create ~/.hermes/.env, both of which inherit the process umask. On Ubuntu (umask 0022) the result is 0644; on some server environments with umask 0002 the result is 0664. No explicit chmod was applied after file creation, leaving platform tokens, API keys, and Slack tokens visible to other users on the system.

The Python layer (_secure_file() in hermes_cli/config.py) already applies 0o600 on every subsequent write via save_env_value() and sanitize_env_file() — but the install script's initial file creation was never covered.

Fix

Add chmod 0600 "/.env" immediately after the file is created in copy_config_templates(), with a || true fallback to stay safe on NixOS managed installs and containers where the activation script owns permissions.

The fix also tightens permissions when the file already exists (the else branch), so users who installed a previous version and have 0664 on disk are hardened on their next upgrade — without any user action required.

Before / After

# Before — freshly installed on Ubuntu 24.04 (umask 0022)
$ ls -la ~/.hermes/.env
-rw-rw-r-- 1 plumline plumline 1234 May 14 07:00 ~/.hermes/.env
#                 ^^ group+world readable

# After
$ ls -la ~/.hermes/.env
-rw------- 1 plumline plumline 1234 May 14 07:00 ~/.hermes/.env

Testing

# Verify shell syntax
bash -n scripts/install.sh  # → OK

# Functional test (dry run in a tmpdir)
HERMES_HOME=/tmp/hermes-test bash -c '
  mkdir -p /tmp/hermes-test
  touch /tmp/hermes-test/.env
  chmod 0664 /tmp/hermes-test/.env  # simulate old installer
  chmod 0600 /tmp/hermes-test/.env 2>/dev/null || true
  ls -la /tmp/hermes-test/.env
'
# → -rw------- (0600)

The installer left ~/.hermes/.env at mode 0664 — group- and
world-readable — exposing secrets (ANTHROPIC_API_KEY, Slack tokens,
Plane API tokens, etc.) to every user on multi-user systems.

Root cause: cp and touch both inherit the process umask (typically
0022 on Ubuntu, yielding 0644; or 0002 in some server environments,
yielding 0664).  No explicit chmod was applied after file creation.

Fix: add chmod 0600 immediately after the file is created OR found to
already exist.  The fallback (|| true) is intentional: on NixOS
managed installs or containers the activation script owns permissions
and a chmod may fail or be a no-op — that is already handled by the
is_managed() guard in the Python layer.  The || true keeps the
installer from exiting on those platforms.

The tighten-on-existing-file branch also fixes users who installed an
earlier version and already have 0664 on disk — their permissions are
hardened on the next upgrade.

The Python layer (_secure_file in hermes_cli/config.py) already
applies 0o600 on every write through save_env_value() and
sanitize_env_file(), but the install script's initial creation was
never covered.

Fixes NousResearch#25477
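The umask behaviour described above (touch/cp inheriting 0022 or 0002) and the create-or-tighten fix, as an added shell example that is not part of this PR or of the Hermes install script; `file_mode`, `create_with_umask`, `secure_env_file` and `assert_owner_only` are names chosen here. The hardened variant goes one step further than a post-creation chmod by creating the file under a 077 umask, so there is no window in which a freshly written secrets file is readable by others.

```bash
#!/usr/bin/env bash
# Added example, not the Hermes installer's own code.

# Mode of a path as an octal string such as 600 (GNU stat first, BSD fallback).
file_mode() {
  stat -c '%a' "$1" 2>/dev/null || stat -f '%OLp' "$1"
}

# Reproduce the bug: a file created by touch/cp gets 0666 masked by the
# process umask, so 0022 yields 644 and 0002 yields 664.
create_with_umask() {            # $1 = umask, $2 = path
  ( umask "$1"; : > "$2" )       # subshell keeps the caller's umask untouched
  file_mode "$2"
}

# Hardened create-or-tighten helper for a secrets file:
#  - new file: created under umask 077, so it is owner-only from the start;
#  - existing file (e.g. 0664 left by an earlier install): chmod to 0600.
# `|| true` mirrors the PR's intent for managed platforms (NixOS, containers)
# where chmod may fail or be a no-op and must not abort the installer.
secure_env_file() {              # $1 = path
  if [ ! -e "$1" ]; then
    ( umask 077; : > "$1" )
  fi
  chmod 0600 "$1" 2>/dev/null || true
  file_mode "$1"
}

# Post-install self-check: succeeds only when the file is exactly 0600.
assert_owner_only() {            # $1 = path
  [ "$(file_mode "$1")" = "600" ]
}
```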
@alt-glitch added labels on May 14, 2026: type/security (Security vulnerability or hardening), P2 (Medium — degraded but workaround exists), comp/cli (CLI entry point, hermes_cli/, setup wizard), area/config (Config system, migrations, profiles)
@alt-glitch (Collaborator) commented

Duplicate of #25497 which is a superset (also covers setup-hermes.sh + adds tests). Both fix #25477.

@teknium1 (Contributor) commented

Closing as superseded by #25779.

Triage notes (high confidence):
PR #25779 (merged 2026-05-14) already added chmod 600 "$HERMES_HOME/.env" at scripts/install.sh:1442 — same single-file fix.

Thanks for the contribution — the underlying problem this PR addresses has been resolved by the linked PR on current main. If you believe this was closed in error, please comment and we'll reopen.

(Bulk-closed during a CLI PR triage sweep.)

@teknium1 teknium1 closed this May 24, 2026

Development

Successfully merging this pull request may close these issues.

[Bug]: Installer leaves ~/.hermes/.env at file mode 0664 — group/world readable, secrets exposed