From ca3c83acdf0b9605f8d67d8d677cfb702047cbdf Mon Sep 17 00:00:00 2001
From: VintLin
Date: Tue, 10 Feb 2026 12:39:14 +0800
Subject: [PATCH] fix(security): clarify dmScope remediation path with explicit CLI command
# Problem
The security audit and onboarding screens suggested 'Set session.dmScope="..."' for multi-user DM isolation. This led users to try setting the value in invalid config paths (e.g., 'channels.imessage.dmScope').
# Changes
- Updated 'src/security/audit.ts' to use 'formatCliCommand' for dmScope remediation.
- Updated 'src/commands/doctor-security.ts' and 'src/commands/onboard-channels.ts' to use the explicit 'openclaw config set' command format.
# Validation
- Verified text alignment with 'pnpm tsgo'.
- Confirmed CLI command formatting remains consistent across modified files.
---
 src/commands/doctor-security.ts | 4 +++-
 src/commands/onboard-channels.ts | 8 ++++++--
 src/security/audit.ts | 4 +++-
 3 files changed, 12 insertions(+), 4 deletions(-)
diff --git a/src/commands/doctor-security.ts b/src/commands/doctor-security.ts
index 9815656211..8cdf194d4b 100644
--- a/src/commands/doctor-security.ts
+++ b/src/commands/doctor-security.ts
@@ -124,7 +124,9 @@ export async function noteSecurityWarnings(cfg: OpenClawConfig) {
 if (dmScope === "main" && isMultiUserDm) {
 warnings.push(
- `- ${params.label} DMs: multiple senders share the main session; set session.dmScope="per-channel-peer" (or "per-account-channel-peer" for multi-account channels) to isolate sessions.`,
+ `- ${params.label} DMs: multiple senders share the main session; run: ` +
+ formatCliCommand('openclaw config set session.dmScope "per-channel-peer"') +
+ ' (or "per-account-channel-peer" for multi-account channels) to isolate sessions.',
 );
 }
 };
diff --git a/src/commands/onboard-channels.ts b/src/commands/onboard-channels.ts
index f8bc726674..3a324a321a 100644
--- a/src/commands/onboard-channels.ts
+++ b/src/commands/onboard-channels.ts
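Review bot: The remediation sentence added to noteSecurityWarnings in src/commands/doctor-security.ts is assembled inline, and the same three-line concatenation is repeated in noteChannelPrimer and maybeConfigureDmPolicies in src/commands/onboard-channels.ts and in collectChannelSecurityFindings in src/security/audit.ts. This text is the fix users are told to apply when several DM senders share one session, so four hand-maintained copies can drift apart. A single shared helper would keep them aligned, for example `const dmScopeFix = (scope: string) => formatCliCommand('openclaw config set session.dmScope "' + scope + '"');`. It could also print the "per-account-channel-peer" alternative as a full command, which the new wording still leaves as a bare value. The enclosing function starts outside the hunk.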
@@ -194,7 +194,9 @@ async function noteChannelPrimer(
 "DM security: default is pairing; unknown DMs get a pairing code.",
 `Approve with: ${formatCliCommand("openclaw pairing approve ")}`,
 'Public DMs require dmPolicy="open" + allowFrom=["*"].',
- 'Multi-user DMs: set session.dmScope="per-channel-peer" (or "per-account-channel-peer" for multi-account channels) to isolate sessions.',
+ "Multi-user DMs: run: " +
+ formatCliCommand('openclaw config set session.dmScope "per-channel-peer"') +
+ ' (or "per-account-channel-peer" for multi-account channels) to isolate sessions.',
 `Docs: ${formatDocsLink("/start/pairing", "start/pairing")}`,
 "",
 ...channelLines,
@@ -248,7 +250,9 @@ async function maybeConfigureDmPolicies(params: {
 `Approve: ${formatCliCommand(`openclaw pairing approve ${policy.channel} `)}`,
 `Allowlist DMs: ${policy.policyKey}="allowlist" + ${policy.allowFromKey} entries.`,
 `Public DMs: ${policy.policyKey}="open" + ${policy.allowFromKey} includes "*".`,
- 'Multi-user DMs: set session.dmScope="per-channel-peer" (or "per-account-channel-peer" for multi-account channels) to isolate sessions.',
+ "Multi-user DMs: run: " +
+ formatCliCommand('openclaw config set session.dmScope "per-channel-peer"') +
+ ' (or "per-account-channel-peer" for multi-account channels) to isolate sessions.',
 `Docs: ${formatDocsLink("/start/pairing", "start/pairing")}`,
 ].join("\n"),
 `${policy.label} DM access`,
diff --git a/src/security/audit.ts b/src/security/audit.ts
index 16e778aa35..d21ead266e 100644
--- a/src/security/audit.ts
+++ b/src/security/audit.ts
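Review bot: The entries added to the arrays in noteChannelPrimer and maybeConfigureDmPolicies (src/commands/onboard-channels.ts) build one help line from three `+`-joined pieces, while the neighbouring entries interpolate the command in a single template literal, as in `Approve with: ${formatCliCommand(...)}`. Writing the new entry the same way keeps each array element visibly one output line and removes the doubled label in `"Multi-user DMs: run: "`. A single template literal beginning `Multi-user DMs: run ${formatCliCommand(...)}` would read like the lines around it. Both arrays start outside their hunks.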
@@ -599,7 +599,9 @@ async function collectChannelSecurityFindings(params: {
 detail:
 "Multiple DM senders currently share the main session, which can leak context across users.",
 remediation:
- 'Set session.dmScope="per-channel-peer" (or "per-account-channel-peer" for multi-account channels) to isolate DM sessions per sender.',
+ "Run: " +
+ formatCliCommand('openclaw config set session.dmScope "per-channel-peer"') +
+ ' (or "per-account-channel-peer" for multi-account channels) to isolate DM sessions per sender.',
 });
 }
 };
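Review bot: No test accompanies the new `remediation` value in collectChannelSecurityFindings (src/security/audit.ts); the diffstat lists only the three source files. The commit exists because users set dmScope under the wrong config path, so an assertion that this finding's remediation contains `config set session.dmScope` would keep the path from regressing. `formatCliCommand` is not defined in this diff, so it is worth confirming that it returns plain text, in case findings are also emitted in a machine-readable report. The function body starts outside the hunk.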