Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion sandboxd/server/server.go
Original file line number Diff line number Diff line change
Expand Up @@ -465,7 +465,7 @@ func (s *Server) requireRoot(next http.HandlerFunc) http.HandlerFunc {
}

// resolveScope matches the bearer token to root ("") or a tenant name. With
// no api token and no tenants the node-level endpoints stay open, as before.
// no api token and no tenants the node-level endpoints stay open.
func (s *Server) resolveScope(r *http.Request) (string, bool) {
if s.apiToken == "" && len(s.tenants) == 0 {
return "", true
Expand Down
2 changes: 0 additions & 2 deletions sdk/openai/cocoonsandbox_openai/adapter.py
Original file line number Diff line number Diff line change
Expand Up @@ -126,8 +126,6 @@ def _sandbox(self, timeout: float | None = None) -> Sandbox:
return Sandbox(client=client, id=s.sandbox_id, token=s.sandbox_token, owner=s.owner or s.addr)

def _abs(self, path: Path | str) -> Path:
# The SDK hands paths as str or Path; a relative one roots at the
# manifest workspace.
path = Path(path)
if path.is_absolute():
return path
Expand Down
2 changes: 2 additions & 0 deletions silkd/src/sysutil.rs
Original file line number Diff line number Diff line change
Expand Up @@ -101,6 +101,8 @@ fn lookup_user(user: &str) -> Result<(u32, u32, String), String> {
if pw.is_null() {
return Err(format!("unknown user {user:?}"));
}
// SAFETY: pw is non-null (checked) and, with NSS_LOCK still held, points to
// a valid passwd whose pw_dir is a NUL-terminated string it owns.
let pw = unsafe { &*pw };
let home = unsafe { std::ffi::CStr::from_ptr(pw.pw_dir) }
.to_string_lossy()
Expand Down
Loading