fix: harden managed Linux bootstrap #792
Codex review: needs maintainer review before merge. Reviewed July 4, 2026, 2:29 PM ET / 18:29 UTC.
Summary: Reproducibility: yes for source reproduction: current main and v0.35.0 still emit the Code and default Tailscale root curl-to-shell installer paths. I did not run a live installer compromise, but source inspection is sufficient to prove the vulnerable bootstrap shape. Review metrics: 3 noteworthy metrics.
Security review details
Best possible solution: Land the hardening after maintainers accept the stricter fail-closed Tailscale package contract and normal branch protection is green, keeping the Go and Worker bootstrap generators aligned.
Do we have a high-confidence way to reproduce the issue? Yes for source reproduction: current main and v0.35.0 still emit the Code and default Tailscale root curl-to-shell installer paths. I did not run a live installer compromise, but source inspection is sufficient to prove the vulnerable bootstrap shape.
Is this the best way to solve the issue? Mostly yes: checksum-verified code-server archives and a signed Tailscale APT repository are the narrow maintainable hardening direction. The remaining choice is whether maintainers accept fail-closed package-mode compatibility behavior as the new default.
AGENTS.md: found and applied where relevant. Codex review notes: model internal, reasoning high; reviewed against 26a72c6db6f4.
Co-authored-by: Andy Ye <35905412+TurboTheTurtle@users.noreply.github.com>
Closes #715.
Closes #816.
Supersedes #742 because GitHub rejected maintainer pushes to the contributor fork despite maintainer edits being enabled. This replacement preserves Andy Ye as co-author and keeps @TurboTheTurtle's changelog credit.
Summary
Verification
Exact candidate: 21a6f42b27c9cf19bb673a565b946b504b8260cd.
go vet ./...
go test -race ./... -count=1 — all changed packages and all other packages passed; the unchanged RunPod rollback timing assertion exceeded its local macOS threshold once by 0.28s, then passed 10/10 isolated (13/13 across retries).
a36a324602ca1d5a01b3ca5e020d5fe6dfc05cb16f56d8314e56c70c7195ff6c; neither legacy pipe-to-shell installer URL remains.
Exact live proof
4.126.0.
1.98.8.
crabbox-pr792-21a6f42b-10235, obtained a redacted 100.x address, then logged out.
Maintainer compatibility decision
Accepted: the stricter default package mode intentionally supports Debian/Ubuntu codenames and fails closed on unsupported distro, codename, keyring, or downloaded-artifact ownership. The explicit pinned-static mode remains available. No legacy curl-to-shell compatibility fallback is retained.
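As an added example (not code from this PR or the crabbox project) of the fail-closed gate the decision above describes: a Debian/Ubuntu codename allowlist, an ownership check on the downloaded artifact, and a pinned SHA-256 comparison, each refusing rather than falling back to a curl-to-shell installer. The codename list, the file path and the digest are assumed values for illustration.

```shell
#!/bin/sh
# Added example of fail-closed bootstrap checks; not the project's own generator output.
set -eu

# Codenames the signed APT repository is known to serve (assumed list).
SUPPORTED_CODENAMES="bookworm trixie jammy noble"

# Return 0 only when the host's VERSION_CODENAME is on the allowlist.
codename_supported() {
  for c in $SUPPORTED_CODENAMES; do
    [ "$1" = "$c" ] && return 0
  done
  return 1   # unknown distro or codename: refuse, never fall back to an installer script
}

# Compare a downloaded archive against a pinned SHA-256 digest.
sha256_matches() {
  file=$1; expected=$2
  if command -v sha256sum >/dev/null 2>&1; then
    actual=$(sha256sum "$file" | cut -d' ' -f1)
  else
    actual=$(shasum -a 256 "$file" | cut -d' ' -f1)
  fi
  [ "$actual" = "$expected" ]
}

# Refuse an artifact unless the invoking user owns it: a file owned by another
# account could be replaced between download and extraction.
owned_by_current_user() {
  [ -O "$1" ]
}

# Every check must pass or the bootstrap aborts before touching the system.
verify_artifact() {
  codename=$1; file=$2; expected=$3
  codename_supported "$codename" || { echo "unsupported codename: $codename" >&2; return 1; }
  owned_by_current_user "$file" || { echo "unexpected owner on $file" >&2; return 1; }
  sha256_matches "$file" "$expected" || { echo "checksum mismatch for $file" >&2; return 1; }
  echo "verified $file for $codename"
}
```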