🛡️ Sentinel: [CRITICAL] Fix insecure deserialization in CacheManager #166

Open
docxology wants to merge 2 commits into main from
sentinel-fix-pickle-rce-15186230682775220154

Conversation

@docxology
Owner

🛡️ Sentinel: [CRITICAL] Fix insecure deserialization in CacheManager

🚨 Severity: CRITICAL

💡 Vulnerability:

src/codomyrmex/performance/caching/cache_manager.py used pickle.load() to deserialize cache files from a world-writable directory (/tmp/codomyrmex_cache).

🎯 Impact:

This is a critical Remote Code Execution (RCE) vulnerability. Any local attacker with access to /tmp could drop a maliciously crafted .pkl file in this directory. When the application read the cache, pickle.load() would execute the embedded arbitrary code, potentially leading to privilege escalation or complete system compromise under the application's user context.

🔧 Fix:

  • Replaced pickle module usage with the json module for safe serialization.
  • Modified cache file extensions from .pkl to .json.
  • Handled json-specific exceptions correctly (e.g., json.JSONDecodeError, ValueError) so invalid caches are ignored safely.
  • Documented this vulnerability and its learning inside .jules/sentinel.md.

✅ Verification:

  • uv run ruff check src/codomyrmex/performance/caching/cache_manager.py passes.
  • uv run pytest src/codomyrmex/tests/unit/cache/ passes cleanly.

PR created automatically by Jules for task 15186230682775220154 started by @docxology
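Added illustration (not code from this PR or from the codomyrmex project): a minimal JSON-backed cache in the spirit of the fix described above. The class name `SafeJsonCache`, the `get`/`set`/`is_safe_key` names, the key character allow-list and the use of a private per-user directory created with mode 0o700 (instead of the shared /tmp path named in the description) are this example's own assumptions. It shows the two behaviours the fix relies on: a value that cannot be represented as JSON is refused at write time (`TypeError`/`ValueError`), and a cache file that is missing, corrupt or tampered with is ignored at read time (`JSONDecodeError`, `UnicodeDecodeError`, both subclasses of `ValueError`) rather than ever being executed.

```python
"""Added example (not the project's code): JSON-only file cache.

Assumptions (hypothetical, not from the PR): class/method names below and a
private cache directory instead of the shared /tmp path in the description.
"""
import json
import os
import tempfile
from pathlib import Path
from typing import Any, Optional

# Keys are restricted to a conservative charset so a key can never contain a
# path separator or ".." and escape the cache directory.
SAFE_KEY_CHARS = set("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_-")


def is_safe_key(key: str) -> bool:
    """True when key is non-empty and made only of allow-listed characters."""
    return bool(key) and all(ch in SAFE_KEY_CHARS for ch in key)


class SafeJsonCache:
    """File cache that only ever parses JSON, so an attacker-controlled cache
    file can at worst be rejected, never executed (unlike pickle.load)."""

    def __init__(self, cache_dir: Optional[Path] = None) -> None:
        # Hypothetical hardening beyond the PR: a private directory owned by the
        # current user, not a world-writable shared location.
        self.cache_dir = Path(cache_dir) if cache_dir else Path(tempfile.mkdtemp(prefix="cache_"))
        self.cache_dir.mkdir(parents=True, exist_ok=True)
        os.chmod(self.cache_dir, 0o700)

    def _path(self, key: str) -> Path:
        if not is_safe_key(key):
            raise ValueError(f"unsafe cache key: {key!r}")
        return self.cache_dir / f"{key}.json"

    def set(self, key: str, value: Any) -> bool:
        """Store value as JSON. Returns False (and writes nothing) when the
        value is not JSON-serialisable, e.g. an arbitrary object or NaN."""
        try:
            # allow_nan=False makes NaN/Infinity a ValueError instead of
            # emitting non-standard JSON that other parsers would reject.
            data = json.dumps(value, allow_nan=False)
        except (TypeError, ValueError):
            return False
        self._path(key).write_text(data, encoding="utf-8")
        return True

    def get(self, key: str, default: Any = None) -> Any:
        """Return the cached value, or default when the file is absent,
        corrupt or not valid UTF-8/JSON. Note that JSON round-trips change
        some Python types (tuple -> list), unlike pickle."""
        path = self._path(key)
        try:
            with path.open("r", encoding="utf-8") as fh:
                return json.load(fh)
        except FileNotFoundError:
            return default
        except (json.JSONDecodeError, UnicodeDecodeError, ValueError):
            # A tampered or truncated cache file is simply treated as a miss.
            return default


def demo() -> dict:
    """Exercise the cache against constructed inputs, including a cache file
    overwritten with non-JSON bytes to stand in for a planted file."""
    cache = SafeJsonCache()
    results = {}
    results["roundtrip_ok"] = cache.set("k", {"a": [1, 2]}) and cache.get("k") == {"a": [1, 2]}
    results["object_refused"] = not cache.set("obj", object())
    results["nan_refused"] = not cache.set("nan", float("nan"))
    # Constructed tampered file: arbitrary non-UTF-8 bytes where JSON is expected.
    (cache.cache_dir / "planted.json").write_bytes(b"\x80\x04\x95 not json")
    results["planted_ignored"] = cache.get("planted", "miss") == "miss"
    (cache.cache_dir / "trunc.json").write_text('{"a": [1, 2', encoding="utf-8")
    results["truncated_ignored"] = cache.get("trunc") is None
    results["traversal_rejected"] = not is_safe_key("../etc/passwd")
    return results


if __name__ == "__main__":
    print(demo())
```

The PR's own change keeps the cache in /tmp; the private-directory line here is the additional mitigation a reviewer would usually ask for, since even with JSON a shared writable directory still lets another local user poison or delete cache entries (integrity and availability, though no longer code execution).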

…ager to prevent RCE

- Replaced `pickle` usage with `json` in `CacheManager` to prevent Remote Code Execution via insecure deserialization.
- Updated file extensions for cache files from `.pkl` to `.json`.
- Updated file I/O modes and caught relevant json/file exceptions (`JSONDecodeError`, `TypeError`, `ValueError`).
- Added a security journal entry in `.jules/sentinel.md` documenting the vulnerability and prevention.

Co-authored-by: docxology <6911384+docxology@users.noreply.github.com>
@google-labs-jules
Contributor

👋 Jules, reporting for duty! I'm here to lend a hand with this pull request.

When you start a review, I'll add a 👀 emoji to each comment to let you know I've read it. I'll focus on feedback directed at me and will do my best to stay out of conversations between you and other bots or reviewers to keep the noise down.

I'll push a commit with your requested changes shortly after. Please note there might be a delay between these steps, but rest assured I'm on the job!

For more direct control, you can switch me to Reactive Mode. When this mode is on, I will only act on comments where you specifically mention me with @jules. You can find this option in the Pull Request section of your global Jules UI settings. You can always switch back!

New to Jules? Learn more at jules.google/docs.


For security, I will only act on instructions from the user who triggered this task.

@github-actions

🤖 Hi @docxology, I've received your request, and I'm working on it now! You can track my progress in the logs for more details.

@github-actions

🤖 I'm sorry @docxology, but I was unable to process your request. Please see the logs for more details.

…ager to prevent RCE

- Replaced `pickle` usage with `json` in `CacheManager` to prevent Remote Code Execution via insecure deserialization.
- Updated file extensions for cache files from `.pkl` to `.json`.
- Updated file I/O modes and caught relevant json/file exceptions (`JSONDecodeError`, `TypeError`, `ValueError`).
- Added a security journal entry in `.jules/sentinel.md` documenting the vulnerability and prevention.

Co-authored-by: docxology <6911384+docxology@users.noreply.github.com>