Security: SDK connect_default() falls back to /tmp/ — socket hijacking risk #96

Open
opened 2026-05-11 13:49:51 +00:00 by thabeta · 0 comments
Owner

Severity: High

Location

crates/hero_aibroker_sdk/src/lib.rs: default_socket_path()

Finding

The SDK's socket path resolution has a fallback to /tmp/:

pub fn default_socket_path() -> String {
    if let Ok(p) = std::env::var("HERO_AIBROKER_SOCKET") { return p; }
    if let Ok(dir) = std::env::var("HERO_SOCKET_DIR") { return format!("{dir}/hero_aibroker/rpc.sock"); }
    if let Ok(home) = std::env::var("HOME") { return format!("{home}/hero/var/sockets/hero_aibroker/rpc.sock"); }
    "/tmp/hero/var/sockets/hero_aibroker/rpc.sock".to_string()  // FALLBACK
}

Attack Scenario

  • If HOME and HERO_SOCKET_DIR are unset (e.g., in certain container environments), the SDK connects to /tmp/
  • Any user on the system can create a fake socket at that path
  • The SDK would connect to the attacker's socket, leaking API keys and requests
  • /tmp/ is world-writable — trivial to exploit

Recommendation

  • Fail with an error instead of falling back to /tmp
  • Validate that the socket directory is not world-writable
  • Add a config option to require an explicit socket path
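
A sketch of the first two recommendations, added here as an example and not taken from the issue or the project's code. The names `resolve_socket_path` and `check_socket_dir` are hypothetical; the three arguments stand for `HERO_AIBROKER_SOCKET`, `HERO_SOCKET_DIR` and `HOME`.

```rust
use std::os::unix::fs::MetadataExt;
use std::path::{Path, PathBuf};
use std::{env, fs, io};

/// Hypothetical replacement for default_socket_path(): same lookup order,
/// but an error instead of the /tmp fallback. Values are passed in rather
/// than read from the environment so the logic can be tested in isolation.
pub fn resolve_socket_path(
    explicit: Option<&str>,
    socket_dir: Option<&str>,
    home: Option<&str>,
) -> io::Result<PathBuf> {
    let path = if let Some(p) = explicit {
        PathBuf::from(p)
    } else if let Some(d) = socket_dir {
        Path::new(d).join("hero_aibroker/rpc.sock")
    } else if let Some(h) = home {
        Path::new(h).join("hero/var/sockets/hero_aibroker/rpc.sock")
    } else {
        let msg = "no socket path configured; set HERO_AIBROKER_SOCKET";
        return Err(io::Error::new(io::ErrorKind::NotFound, msg));
    };
    check_socket_dir(&path)?;
    Ok(path)
}

/// Fail closed if the directory holding the socket is missing or
/// world-writable. Only the immediate parent is checked (example assumption).
pub fn check_socket_dir(path: &Path) -> io::Result<()> {
    let dir = path.parent().filter(|d| !d.as_os_str().is_empty()).ok_or_else(|| {
        io::Error::new(io::ErrorKind::InvalidInput, "socket path has no directory")
    })?;
    let meta = fs::metadata(dir)?; // a missing directory is an error, not a fallback
    if !meta.is_dir() || meta.mode() & 0o002 != 0 {
        let msg = format!("{} is not a directory or is world-writable", dir.display());
        return Err(io::Error::new(io::ErrorKind::PermissionDenied, msg));
    }
    Ok(())
}

fn main() {
    let var = |k: &str| env::var(k).ok();
    let (s, d, h) = (var("HERO_AIBROKER_SOCKET"), var("HERO_SOCKET_DIR"), var("HOME"));
    match resolve_socket_path(s.as_deref(), d.as_deref(), h.as_deref()) {
        Ok(p) => println!("socket: {}", p.display()),
        Err(e) => eprintln!("refusing to connect: {}", e),
    }
}
```

The mode check does not cover a directory that another user owns with restrictive permissions, so comparing the directory's owner with the process's effective UID is a sensible further check.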
Reference
lhumina_code/hero_aibroker#96