feat(httpclient): forward cagent install UUID on gateway-bound requests #2653
Merged
dgageot merged 2 commits into docker:main from May 6, 2026
| } | ||
|
|
||
| func save(file, id string) error { | ||
| if err := os.MkdirAll(filepath.Dir(file), 0o755); err != nil { |
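Review bot: The mode passed to os.MkdirAll in save applies only to directories this call actually creates, so whatever value is chosen here has no effect on a config directory that already exists. If the directory is meant to be private, follow the MkdirAll with an explicit os.Chmod on filepath.Dir(file), or check the existing mode and report when group or other bits are set; otherwise installs created before any tightening keep their original permissions.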
[MEDIUM] Config directory created world-readable (0o755) while UUID file is protected (0o600)
save creates the config directory with 0o755, letting any local user enumerate it and see that the user-uuid file exists — even though they cannot read its contents (protected by 0o600).
Because the UUID is a persistent per-install identifier forwarded as X-Cagent-Id on every gateway request, directory-level enumeration on a shared/multi-user host is a mild privacy leak: it reveals that this tool is installed and (via ls -la) the file's modification time.
Suggested fix: use 0o700 for the directory, consistent with the intent of 0o600 on the file:
if err := os.MkdirAll(filepath.Dir(file), 0o700); err != nil {
gtardif
previously approved these changes
May 6, 2026
The save helper created the config directory with 0o755, letting any local user enumerate it and observe that the user-uuid file exists (and its mtime via ls -la), even though they cannot read its 0o600-protected contents. Since the UUID is a persistent per-install identifier forwarded as X-Cagent-Id on every gateway request, directory-level enumeration on a shared/multi-user host is a mild privacy leak. Use 0o700 on the directory to match the 0o600 protection on the file itself, consistent with other sensitive paths in the codebase (sandbox tokens, sqlite stores, log files).
Assisted-By: docker-agent
gtardif
approved these changes
May 6, 2026
Today the models gateway has stable per-session attribution (X-Cagent-Session-Id, #2631) and per-request metadata (model, provider, runtime), but no way to tie a stream of sessions back to a single cagent install. That gap rules out per-install rate limiting, install-level analytics, and basic abuse signals on the gateway side.
Cagent already maintains exactly that identifier: the persistent UUID stored in $configDir/user-uuid and reported as the user_uuid telemetry property. This change extracts that loader into a small pkg/userid package and forwards the value as X-Cagent-Id on gateway-bound requests — the same gating as X-Cagent-Session-Id (only set when X-Cagent-Forward is present), so direct provider calls and unrelated outbound HTTP never carry it.
pkg/telemetry now delegates to userid.Get instead of carrying its own copy of the file/IO logic, so the user_uuid event property and the X-Cagent-Id header are guaranteed to be the same string.
userid.Get validates the on-disk value with uuid.Parse and regenerates if the file is missing, empty, or corrupted, so a hand-edited file can never propagate a malformed identifier to the gateway. Gateways that don't care can ignore the header, same pattern as #1751 (X-Cagent-Model-Name) and #2631.
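
The load, validate and regenerate behaviour described above, combined with the owner-only permissions from the review, as an added example that is not code from this pull request. loadOrCreateID and newUUID are hypothetical names, the regular expression is a stricter stand-in for uuid.Parse (canonical lowercase form only), and the directory is assumed to be dedicated to the tool, since the code resets its mode to 0o700.

```go
package main

import (
	"crypto/rand"
	"fmt"
	"os"
	"path/filepath"
	"regexp"
	"strings"
)

// Stand-in for uuid.Parse (assumption): canonical lowercase 8-4-4-4-12 form only.
var uuidRE = regexp.MustCompile(`^[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$`)

// newUUID builds a random version 4 UUID from crypto/rand.
func newUUID() (string, error) {
	var b [16]byte
	if _, err := rand.Read(b[:]); err != nil {
		return "", err
	}
	b[6], b[8] = b[6]&0x0f|0x40, b[8]&0x3f|0x80 // version 4, RFC 4122 variant
	return fmt.Sprintf("%x-%x-%x-%x-%x", b[:4], b[4:6], b[6:8], b[8:10], b[10:]), nil
}

// loadOrCreateID (hypothetical) returns the stored ID, replacing a missing, empty or malformed one.
func loadOrCreateID(file string) (string, error) {
	dir := filepath.Dir(file)
	if err := os.MkdirAll(dir, 0o700); err != nil {
		return "", err
	}
	if err := os.Chmod(dir, 0o700); err != nil { // MkdirAll leaves an existing directory's mode alone
		return "", err
	}
	data, _ := os.ReadFile(file) // a missing or unreadable file reads as empty and is regenerated
	id := strings.TrimSpace(string(data))
	if !uuidRE.MatchString(id) {
		var err error
		if id, err = newUUID(); err != nil {
			return "", err
		}
		if err := os.WriteFile(file, []byte(id), 0o600); err != nil {
			return "", err
		}
	}
	return id, os.Chmod(file, 0o600) // WriteFile keeps an existing file's mode
}

func main() {
	fmt.Println(loadOrCreateID(filepath.Join(os.TempDir(), "userid-demo", "user-uuid")))
}
```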