ys/GenericAgent
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(sandbox): patch Popen + block startfile to prevent window leaks

Browse Source 
subprocess.run was already patched with CREATE_NO_WINDOW, but Popen and
os.startfile were unprotected. Agent code could open visible GUI windows
via subprocess.Popen(['notepad.exe']) or os.startfile().
This commit is contained in:
MuziIsabel
2026-04-25 10:55:36 +08:00
parent 08181be4bf
commit 3b93c6137d
1 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
assets/code_run_header.py
View File

@@ -19,4 +19,12 @@ def _run(*a, **k):
if r.stderr is not None: r.stderr = _d(r.stderr)
return r
subprocess.run = _run
_Pi = subprocess.Popen.__init__
def _pinit(self, *a, **k):
if os.name == 'nt': k['creationflags'] = (k.get('creationflags') or 0) | 0x08000000
_Pi(self, *a, **k)
subprocess.Popen.__init__ = _pinit
if hasattr(os, 'startfile'):
def _nosf(*a, **k): raise RuntimeError("startfile disabled in sandbox")
os.startfile = _nosf
sys.excepthook = lambda t, v, tb: (sys.__excepthook__(t, v, tb), print(f"\n[Agent Hint]: NO GUESSING! You MUST probe first. If missing common package, pip.")) if issubclass(t, (ImportError, AttributeError)) else sys.__excepthook__(t, v, tb)