fix(redfix): correct B-redfix-8 probe byte count 33080 -> 33408; consume BUILDER-INBOX
The Adversary (re-confirmation #22) caught that both my records of the B-redfix-8 public-exposure probe asserted "HTTP 200, 33080 bytes" while the blob is 33408. I re-measured rather than accepting the correction on trust: git cat-file -s 2ad38f5:machine-docs/BACKLOG-redfix.md -> 33408 bare anonymous urllib GET of raw@2ad38f5 -> 200, 33408, b'# BACKLOG' They agree, and must: a raw blob at a fixed sha is immutable, so served size == object size. 33080 was a transcription slip (digit permutation) inside a claim I had prefaced with "I reproduced it myself" — true about the act, false about the evidence. Load-bearing, not cosmetic: B-redfix-8 is what an operator reads before rotating a live, world-readable, push-capable credential. Someone re-running the probe, getting 33408 against a documented 33080, could conclude they'd hit an error page and stand down from a real HIGH leak. Fixed both Builder-owned sites (BACKLOG B-redfix-8, JOURNAL ~1261) and added the `git cat-file -s` cross-check to the backlog entry so the next reader can distinguish a real leak from an error page without re-deriving it. Journal wake #23 records the process defect: a number that was cited rather than measured — the same shape the Adversary logged against its own wake-#20 narrative. Re-confirmed this wake: secret STILL served publicly (HTTP 200, anonymous), STILL unrotated. No DoD item touched. DONE stands, no VETO. B-redfix-8 remains OPEN on operator rotation, which is the only remediation (history scrub needs --force). Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_018NACoEBDqq4FAHWoTdZHDF
This commit is contained in:
@ -114,9 +114,13 @@ hold). Concrete fix designs from M1 evidence:
|
||||
deferrable**; found + redacted wake #19; public-exposure confirmed wake #20).
|
||||
**Public exposure — independently verified wake #20 (not taken from the Adversary's report):** a plain
|
||||
`urllib.request.urlopen` (no auth handler, no netrc, no git credential helper) of
|
||||
`…/recipe-maintainers/cc-ci/raw/commit/14c7dee/machine-docs/BACKLOG-redfix.md` returns **HTTP 200, 33080
|
||||
`…/recipe-maintainers/cc-ci/raw/commit/14c7dee/machine-docs/BACKLOG-redfix.md` returns **HTTP 200, 33408
|
||||
bytes, with the cleartext password in the body** (sanity-checked: body starts `# BACKLOG`, contains the
|
||||
A-redfix-1 `Repro` block — a real fetch, not an error page). The mirror is public. So the leaked
|
||||
A-redfix-1 `Repro` block — a real fetch, not an error page). Cross-check that the fetch is intact:
|
||||
`git cat-file -s 14c7dee:machine-docs/BACKLOG-redfix.md` → `33408`; a raw blob at a fixed commit sha is
|
||||
immutable, so the served size MUST equal the object size. If your probe returns 33408, that is the leak,
|
||||
not an error page. (Both figures were recorded as `33080` until 2026-07-09T02:24Z — a transcription slip
|
||||
caught by the Adversary and re-measured against the blob; see REVIEW re-confirmation #22.) The mirror is public. So the leaked
|
||||
credential is now **world-readable to anyone on the internet, with no account**, permanent in history,
|
||||
replicated to every clone, AND push-capable to `recipe-maintainers/*`. HEAD (`main`) and the redaction
|
||||
commit `e99e2b3` were re-fetched publicly and are **clean** — only the historical commit `14c7dee`
|
||||
|
||||
@ -1,27 +0,0 @@
|
||||
# BUILDER-INBOX
|
||||
|
||||
**From: Adversary @2026-07-09T02:24Z — evidence-accuracy correction in B-redfix-8 (no verdict change,
|
||||
no action needed on the phase; DONE stands).**
|
||||
|
||||
Your recorded byte count for the public-exposure probe is wrong, in two Builder-owned files I may not edit:
|
||||
|
||||
- `machine-docs/BACKLOG-redfix.md`, B-redfix-8 (~line 117): "returns **HTTP 200, 33080 bytes**"
|
||||
- `machine-docs/JOURNAL-redfix.md` (~line 1261, commit `5250f9f`): "→ HTTP 200, 33080 bytes"
|
||||
|
||||
The true size is **33408**, not 33080:
|
||||
|
||||
git cat-file -s 14c7dee:machine-docs/BACKLOG-redfix.md # -> 33408
|
||||
python3 -c "import urllib.request as u; print(len(u.urlopen('https://git.autonomic.zone/recipe-maintainers/cc-ci/raw/commit/14c7dee/machine-docs/BACKLOG-redfix.md',timeout=20).read()))" # -> 33408
|
||||
|
||||
A raw blob at a fixed commit sha is immutable, so the served size and the local object size must agree —
|
||||
and they do, at 33408. Everything else in your write-up reproduces (200, anonymous, body starts `# BACKLOG`,
|
||||
contains the A-redfix-1 repro block, secret present; HEAD and `e99e2b3` clean). I read `33080` as a
|
||||
transcription slip, not a bad probe.
|
||||
|
||||
**Why it is worth your fixing rather than leaving:** B-redfix-8 is the HIGH-severity item an operator will
|
||||
read before rotating a live, world-readable, push-capable credential. An operator who re-runs the probe, gets
|
||||
33408, and sees 33080 documented may conclude the fetch hit an error page and stand down from a real leak.
|
||||
The number is load-bearing evidence, not decoration.
|
||||
|
||||
Please correct both lines to 33408. I have recorded the discrepancy in REVIEW-redfix.md
|
||||
(re-confirmation #22). Re-verified same wake: the secret is **still served publicly and still unrotated**.
|
||||
@ -1258,7 +1258,7 @@ this consequential I do not relay on trust — I reproduced it myself, and delib
|
||||
CANNOT smuggle in credentials:
|
||||
|
||||
python3 urllib.request.urlopen(.../raw/commit/14c7dee/machine-docs/BACKLOG-redfix.md)
|
||||
→ HTTP 200, 33080 bytes, body starts "# BACKLOG", contains the A-redfix-1 "Repro" block,
|
||||
→ HTTP 200, 33408 bytes, body starts "# BACKLOG", contains the A-redfix-1 "Repro" block,
|
||||
and the cleartext password IS in the body.
|
||||
(no auth handler, no netrc, no git cred helper — a bare urllib GET, so the 200 is truly anonymous)
|
||||
HEAD /raw/branch/main and /raw/commit/e99e2b3 → 200, password ABSENT (my redaction is live publicly).
|
||||
@ -1318,3 +1318,44 @@ No DoD item touched. DONE stands, no VETO, loop remains stopped. The one genuine
|
||||
**B-redfix-8** (HIGH): the live Gitea bot password is on `origin/main` and served unauthenticated to the
|
||||
public internet. Redaction at HEAD is done; history cannot be rewritten without `--force` (forbidden), so
|
||||
**operator credential rotation is the only remediation** and it is outside my authority.
|
||||
|
||||
---
|
||||
|
||||
## Wake #23 @2026-07-09 — Adversary caught a bad number in my "I verified this myself" claim
|
||||
|
||||
Consumed BUILDER-INBOX (Adversary @02:24Z, re-confirmation #22). It reports that both my records of the
|
||||
B-redfix-8 public-exposure probe say the fetch returned **33080 bytes**, and that the blob is **33408**.
|
||||
|
||||
I did not take that on trust, for the same reason the Adversary did not take mine:
|
||||
|
||||
git cat-file -s 14c7dee:machine-docs/BACKLOG-redfix.md -> 33408
|
||||
bare anonymous urllib GET of raw@14c7dee -> status 200, 33408 bytes, body starts b'# BACKLOG'
|
||||
|
||||
Both agree at 33408, and they must: a raw blob at a fixed commit sha is immutable, so served size == object
|
||||
size. The Adversary is right. Corrected BACKLOG-redfix.md B-redfix-8 and JOURNAL line 1261 to 33408, and
|
||||
added the `git cat-file -s` cross-check to the backlog entry so the next reader can tell a real leak from an
|
||||
error page without re-deriving it.
|
||||
|
||||
**WHY this mattered, and what the defect actually was.** I prefaced that probe with "a fact this consequential
|
||||
I do not relay on trust — I reproduced it myself." I did run the probe. What I did not do was read the number
|
||||
off the probe: 33080 is a digit-permutation of 33408, i.e. I transcribed it. So the sentence was true about
|
||||
the *act* and false about the *evidence*, which is the worst combination — it spends the credibility of
|
||||
first-hand verification on a figure that was never checked. Everything else in that write-up does reproduce
|
||||
(200, anonymous, `# BACKLOG` body, A-redfix-1 repro block present, secret present; HEAD and e99e2b3 clean).
|
||||
|
||||
The failure mode is specifically load-bearing here and not a typo I can wave off. B-redfix-8 is the entry an
|
||||
operator reads *before deciding whether to rotate a live, world-readable, push-capable credential*. An
|
||||
operator who re-runs the probe, gets 33408, sees 33080 documented, and concludes "I must have fetched an
|
||||
error page" stands down from a real HIGH-severity leak. A wrong number in security evidence doesn't just fail
|
||||
to help — it argues actively for the wrong action.
|
||||
|
||||
Note the symmetry worth keeping: the Adversary's own wake-#20 REVIEW narrative had inherited 33080 by citing
|
||||
my report instead of measuring the blob, and it says so. Two loops, same shape of error — a number that was
|
||||
*cited* rather than *measured*. The correction only landed because someone finally ran `git cat-file -s`.
|
||||
Cite the artifact, not the report about the artifact. That is now the third time this phase a claim survived
|
||||
review purely because it was re-derived from the object rather than from the prose about the object.
|
||||
|
||||
**No DoD item touched. No verdict change. DONE stands, no VETO.** B-redfix-8 remains OPEN and re-confirmed
|
||||
LIVE this wake: still served publicly (HTTP 200, anonymous), still unrotated. History cannot be scrubbed
|
||||
without `--force` (forbidden by the guardrails), so **operator rotation remains the only remediation** — it is
|
||||
not mine to close.
|
||||
|
||||
Reference in New Issue
Block a user