- 工作区内部路径 .agents/ -> .astrion/ - 默认运行态数据根 ~/.agents/agents/ -> ~/.astrion/astrion/ - 环境变量 AGENTS_DATA_ROOT -> ASTRION_DATA_ROOT(无兼容) - 同步更新代码、测试、文档与脚本中的路径引用 - 新增 .gitignore 忽略 .astrion/ 与 .agents/ 运行态目录
85 lines
1.7 KiB
Python
85 lines
1.7 KiB
Python
"""安全与确认策略配置。"""
|
||
|
||
from pathlib import Path
|
||
import json
|
||
|
||
from .paths import resolve_deploy_config
|
||
|
||
|
||
def _load_forbidden_commands() -> list[str]:
|
||
"""从独立 JSON 文件加载命令拦截关键词。
|
||
|
||
属于部署级配置(部署者可调宽松/严苛),优先读 ~/.astrion/<mode>/config,
|
||
回退源码树种子。
|
||
"""
|
||
fallback = [
|
||
"rm -rf /",
|
||
"rm -rf ~",
|
||
"format",
|
||
"shutdown",
|
||
"reboot",
|
||
"kill -9",
|
||
"dd if=",
|
||
]
|
||
cfg_path = Path(resolve_deploy_config("forbidden_commands.json"))
|
||
if not cfg_path.exists():
|
||
return fallback
|
||
try:
|
||
payload = json.loads(cfg_path.read_text(encoding="utf-8"))
|
||
except Exception:
|
||
return fallback
|
||
if isinstance(payload, dict):
|
||
raw_items = payload.get("forbidden_commands")
|
||
elif isinstance(payload, list):
|
||
raw_items = payload
|
||
else:
|
||
raw_items = None
|
||
if not isinstance(raw_items, list):
|
||
return fallback
|
||
items: list[str] = []
|
||
for item in raw_items:
|
||
text = str(item or "").strip().lower()
|
||
if text:
|
||
items.append(text)
|
||
return items or fallback
|
||
|
||
|
||
FORBIDDEN_COMMANDS = _load_forbidden_commands()
|
||
|
||
FORBIDDEN_PATHS = [
|
||
"/System",
|
||
"/usr",
|
||
"/bin",
|
||
"/sbin",
|
||
"/etc",
|
||
"/var",
|
||
"/tmp",
|
||
"/Applications",
|
||
"/Library",
|
||
"C:\\Windows",
|
||
"C:\\Program Files",
|
||
"C:\\Program Files (x86)",
|
||
"C:\\ProgramData",
|
||
]
|
||
|
||
FORBIDDEN_ROOT_PATHS = [
|
||
"/",
|
||
"C:\\",
|
||
"~",
|
||
]
|
||
|
||
NEED_CONFIRMATION = [
|
||
"delete_file",
|
||
"delete_folder",
|
||
"clear_file",
|
||
"execute_terminal",
|
||
"batch_delete",
|
||
]
|
||
|
||
__all__ = [
|
||
"FORBIDDEN_COMMANDS",
|
||
"FORBIDDEN_PATHS",
|
||
"FORBIDDEN_ROOT_PATHS",
|
||
"NEED_CONFIRMATION",
|
||
]
|