You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
docs(all): expand security guides and add llm prompt
- Add llm-prompt.md safety guard for AI command execution
- Expand security.md with native process hardening and defense-in-depth stack
- Harden examples.md AI Agent Integration with specific allowlist
- Streamline interpreter-usage.md with clearer safe execution patterns
- Update configuration.md with new spawn options documentation
- Update README.md with privilege dropping and Windows hardening features
-**Timeout Protection** - Automatic process termination after configurable timeout
23
23
-**Argument Validation** - Limit arguments and block dangerous characters
24
24
-**Real-Time Streaming** - Stream stdout/stderr with callback support
25
+
-**Privilege Dropping** - Run child processes as different user/group via `uid`/`gid`
26
+
-**Native AbortSignal** - Node.js built-in abort for reliable process termination
27
+
-**Windows Hardening** - Hide console windows and disable argument quoting
25
28
26
29
## Installation
27
30
@@ -63,7 +66,10 @@ Terminal.initialize({
63
66
deny: ['rm *', 'sudo *'],
64
67
maxArgs: 10,
65
68
strictArgs: true,
66
-
noShell: true
69
+
noShell: true,
70
+
killSignal: 'SIGTERM',
71
+
windowsHide: false,
72
+
windowsVerbatimArguments: false
67
73
},
68
74
env: {
69
75
allow: ['NODE_ENV', 'PATH'],
@@ -97,7 +103,50 @@ Terminal.initialize({
97
103
deny: ['rm -rf *', 'sudo *'], // Blocked patterns
98
104
maxArgs: 10, // Limit argument count
99
105
strictArgs: true, // Block shell metacharacters
100
-
noShell: true// Direct execution, no shell
106
+
noShell: true, // Direct execution, no shell
107
+
killSignal: 'SIGTERM', // Signal sent on timeout/abort
108
+
windowsHide: false, // Hide console window on Windows
109
+
windowsVerbatimArguments: false// Disable Windows arg quoting
110
+
}
111
+
})
112
+
```
113
+
114
+
### Privilege Dropping
115
+
116
+
Run child processes as a different user or group via `setuid`/`setgid`:
117
+
118
+
```typescript
119
+
Terminal.initialize({
120
+
workspaces: ['/safe/project'],
121
+
commands: {
122
+
allow: ['git *', 'npm *'],
123
+
deny: ['rm *', 'sudo *'],
124
+
maxArgs: 10,
125
+
strictArgs: true,
126
+
noShell: true
127
+
},
128
+
uid: 1000, // Run as user ID 1000
129
+
gid: 1000// Run as group ID 1000
130
+
})
131
+
```
132
+
133
+
> **Note**: `uid`/`gid` require the parent process to have permission to change to the target identity. Combine with OS-level unprivileged users for real isolation.
134
+
135
+
### Windows Hardening
136
+
137
+
Prevent console window pop-ups and argument injection on Windows:
Copy file name to clipboardExpand all lines: docs/configuration.md
+59-13Lines changed: 59 additions & 13 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1,24 +1,31 @@
1
1
# Configuration
2
2
3
-
Terminal uses a configuration object to define security policies. All settings are optional and merge with sensible defaults.
3
+
Terminal uses a configuration object to define command filtering policies. All settings are optional and merge with sensible defaults.
4
+
5
+
> **Important**: Terminal is a **command string filter**, not a sandbox. It validates the command and arguments before spawning. Once a command is allowed, the OS controls what it can access. See [Security](./security.md) for OS-level hardening.
Run spawned processes as a different user or group via `setuid`/`setgid`. Requires the parent process to have sufficient privileges.
139
+
140
+
```typescript
141
+
uid: 1000// Run as user ID 1000
142
+
gid: 1000// Run as group ID 1000
143
+
```
144
+
145
+
> **Note**: `uid`/`gid` are applied at the OS level via Node.js `spawn()`. The parent process must have permission to change to the target user/group. This is a defense-in-depth layer — combine with OS-level unprivileged users for real isolation.
146
+
101
147
## Pattern Syntax
102
148
103
149
Patterns use token matching with optional wildcards:
@@ -108,5 +154,5 @@ Patterns use token matching with optional wildcards:
108
154
109
155
## See Also
110
156
111
-
-[Security](./security.md) - Deep dive into security concepts
0 commit comments