fix: use 0o644 for inbound media files to allow sandbox read access#17943
Merged
vincentkoc merged 4 commits intoopenclaw:mainfrom Mar 2, 2026
Merged
Conversation
Contributor
Additional Comments (1)
Note: If this suggestion doesn't match your team's coding style, reply to this and let me know. I'll remember it for next time! Prompt To Fix With AIThis is a comment left during a code review.
Path: src/media/store.ts
Line: 152:152
Comment:
downloaded files via URL will keep `0o600` since `fs.rename()` preserves permissions
```suggestion
const out = createWriteStream(dest, { mode: 0o644 });
```
<sub>Note: If this suggestion doesn't match your team's coding style, reply to this and let me know. I'll remember it for next time!</sub>
How can I resolve this? If you propose a fix, please make it concise. |
Contributor
Additional Comments (1)
The This should be updated to Prompt To Fix With AIThis is a comment left during a code review.
Path: src/media/store.ts
Line: 152:152
Comment:
**URL downloads still use `0o600`**
The `downloadToFile` function still writes with `mode: 0o600`. When `saveMediaSource` handles a URL (the `looksLikeUrl(source)` branch at line 200), it calls `downloadToFile` which creates the `.tmp` file with `0o600`, then renames it via `fs.rename` on line 211. Since `rename(2)` preserves file permissions, the final file retains `0o600` — defeating the purpose of this fix for URL-sourced media.
This should be updated to `0o644` as well, or a `chmod` should be added after the rename.
```suggestion
const out = createWriteStream(dest, { mode: 0o644 });
```
How can I resolve this? If you propose a fix, please make it concise. |
7c006bb to
2776ab7
Compare
This was referenced Feb 21, 2026
2776ab7 to
5947e94
Compare
Inbound media files were saved with 0o600 permissions, making them unreadable from Docker sandbox containers running as different users. Change to 0o644 (world-readable) so sandboxed agents can access downloaded attachments. Fixes openclaw#17941 Co-Authored-By: Claude <noreply@anthropic.com>
c10b911 to
b88cc30
Compare
hanqizheng
pushed a commit
to hanqizheng/openclaw
that referenced
this pull request
Mar 2, 2026
…penclaw#17943) * fix: use 0o644 for inbound media files to allow sandbox read access Inbound media files were saved with 0o600 permissions, making them unreadable from Docker sandbox containers running as different users. Change to 0o644 (world-readable) so sandboxed agents can access downloaded attachments. Fixes openclaw#17941 Co-Authored-By: Claude <noreply@anthropic.com> * test(media): assert URL-sourced inbound files use 0o644 * test(media): make redirect file-mode assertion platform-aware * docs(media): clarify 0o644 is for sandbox UID compatibility --------- Co-authored-by: zerone0x <zerone0x@users.noreply.github.com> Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
execute008
pushed a commit
to execute008/openclaw
that referenced
this pull request
Mar 2, 2026
…penclaw#17943) * fix: use 0o644 for inbound media files to allow sandbox read access Inbound media files were saved with 0o600 permissions, making them unreadable from Docker sandbox containers running as different users. Change to 0o644 (world-readable) so sandboxed agents can access downloaded attachments. Fixes openclaw#17941 Co-Authored-By: Claude <noreply@anthropic.com> * test(media): assert URL-sourced inbound files use 0o644 * test(media): make redirect file-mode assertion platform-aware * docs(media): clarify 0o644 is for sandbox UID compatibility --------- Co-authored-by: zerone0x <zerone0x@users.noreply.github.com> Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
dawi369
pushed a commit
to dawi369/davis
that referenced
this pull request
Mar 3, 2026
…penclaw#17943) * fix: use 0o644 for inbound media files to allow sandbox read access Inbound media files were saved with 0o600 permissions, making them unreadable from Docker sandbox containers running as different users. Change to 0o644 (world-readable) so sandboxed agents can access downloaded attachments. Fixes openclaw#17941 Co-Authored-By: Claude <noreply@anthropic.com> * test(media): assert URL-sourced inbound files use 0o644 * test(media): make redirect file-mode assertion platform-aware * docs(media): clarify 0o644 is for sandbox UID compatibility --------- Co-authored-by: zerone0x <zerone0x@users.noreply.github.com> Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
zooqueen
pushed a commit
to hanzoai/bot
that referenced
this pull request
Mar 6, 2026
…penclaw#17943) * fix: use 0o644 for inbound media files to allow sandbox read access Inbound media files were saved with 0o600 permissions, making them unreadable from Docker sandbox containers running as different users. Change to 0o644 (world-readable) so sandboxed agents can access downloaded attachments. Fixes openclaw#17941 * test(media): assert URL-sourced inbound files use 0o644 * test(media): make redirect file-mode assertion platform-aware * docs(media): clarify 0o644 is for sandbox UID compatibility --------- Co-authored-by: zerone0x <zerone0x@users.noreply.github.com> Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
alexey-pelykh
pushed a commit
to remoteclaw/remoteclaw
that referenced
this pull request
Mar 16, 2026
…penclaw#17943) * fix: use 0o644 for inbound media files to allow sandbox read access Inbound media files were saved with 0o600 permissions, making them unreadable from Docker sandbox containers running as different users. Change to 0o644 (world-readable) so sandboxed agents can access downloaded attachments. Fixes openclaw#17941 Co-Authored-By: Claude <noreply@anthropic.com> * test(media): assert URL-sourced inbound files use 0o644 * test(media): make redirect file-mode assertion platform-aware * docs(media): clarify 0o644 is for sandbox UID compatibility --------- Co-authored-by: zerone0x <zerone0x@users.noreply.github.com> Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: Vincent Koc <vincentkoc@ieee.org> (cherry picked from commit 376a52a)
alexey-pelykh
pushed a commit
to remoteclaw/remoteclaw
that referenced
this pull request
Mar 16, 2026
…penclaw#17943) * fix: use 0o644 for inbound media files to allow sandbox read access Inbound media files were saved with 0o600 permissions, making them unreadable from Docker sandbox containers running as different users. Change to 0o644 (world-readable) so sandboxed agents can access downloaded attachments. Fixes openclaw#17941 Co-Authored-By: Claude <noreply@anthropic.com> * test(media): assert URL-sourced inbound files use 0o644 * test(media): make redirect file-mode assertion platform-aware * docs(media): clarify 0o644 is for sandbox UID compatibility --------- Co-authored-by: zerone0x <zerone0x@users.noreply.github.com> Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: Vincent Koc <vincentkoc@ieee.org> (cherry picked from commit 376a52a)
lovewanwan
pushed a commit
to lovewanwan/openclaw
that referenced
this pull request
Apr 28, 2026
…penclaw#17943) * fix: use 0o644 for inbound media files to allow sandbox read access Inbound media files were saved with 0o600 permissions, making them unreadable from Docker sandbox containers running as different users. Change to 0o644 (world-readable) so sandboxed agents can access downloaded attachments. Fixes openclaw#17941 Co-Authored-By: Claude <noreply@anthropic.com> * test(media): assert URL-sourced inbound files use 0o644 * test(media): make redirect file-mode assertion platform-aware * docs(media): clarify 0o644 is for sandbox UID compatibility --------- Co-authored-by: zerone0x <zerone0x@users.noreply.github.com> Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
ogt-redknie
pushed a commit
to ogt-redknie/OPENX
that referenced
this pull request
May 2, 2026
…penclaw#17943) * fix: use 0o644 for inbound media files to allow sandbox read access Inbound media files were saved with 0o600 permissions, making them unreadable from Docker sandbox containers running as different users. Change to 0o644 (world-readable) so sandboxed agents can access downloaded attachments. Fixes openclaw#17941 Co-Authored-By: Claude <noreply@anthropic.com> * test(media): assert URL-sourced inbound files use 0o644 * test(media): make redirect file-mode assertion platform-aware * docs(media): clarify 0o644 is for sandbox UID compatibility --------- Co-authored-by: zerone0x <zerone0x@users.noreply.github.com> Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
github-actions Bot
pushed a commit
to Desicool/openclaw
that referenced
this pull request
May 9, 2026
…penclaw#17943) * fix: use 0o644 for inbound media files to allow sandbox read access Inbound media files were saved with 0o600 permissions, making them unreadable from Docker sandbox containers running as different users. Change to 0o644 (world-readable) so sandboxed agents can access downloaded attachments. Fixes openclaw#17941 Co-Authored-By: Claude <noreply@anthropic.com> * test(media): assert URL-sourced inbound files use 0o644 * test(media): make redirect file-mode assertion platform-aware * docs(media): clarify 0o644 is for sandbox UID compatibility --------- Co-authored-by: zerone0x <zerone0x@users.noreply.github.com> Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Fixes #17941
Inbound media files were saved with
0o600permissions (-rw-------), making them unreadable from Docker sandbox containers running as different users.Changes
0o600to0o644insaveMediaSource()andsaveMediaBuffer()Why 0o644?
0o700, so only users with directory access can see filenames🤖 Generated with Claude Code
Greptile Summary
This PR changes media file permissions from
0o600to0o644insaveMediaSource()(local file path) andsaveMediaBuffer()to allow Docker sandbox containers running as different users to read inbound media files. The rationale is sound — media files are user-uploaded attachments (not credentials), and the parent directory already uses0o700to restrict directory-level access.However, the fix is incomplete for URL-sourced media:
downloadToFilehelper at line 152 still usescreateWriteStream(dest, { mode: 0o600 }). WhensaveMediaSourceprocesses a URL, it callsdownloadToFileto write a.tmpfile, then renames it. Sincefs.renamepreserves permissions, the final file retains0o600— leaving URL-downloaded media unreadable from the sandbox.Confidence Score: 2/5
downloadToFilefunction (line 152) was not updated, which means URL-sourced media still gets0o600permissions. This is a functional gap that undermines the stated goal of the PR.src/media/store.ts— thedownloadToFilefunction at line 152 still uses0o600and needs to be updated to0o644.Last reviewed commit: 7c006bb