fix(redfix): correct STATUS — A-redfix-1 is 78 copies not 1; insteadOf root cause falsified; sweep runs deployed /etc/cc-ci

Adversary wake #53/#54 reaffirm DONE + no VETO (no gate impact), but both correct STATUS text (Builder-owned):

1. A-redfix-1 "sole copy" withdrawn: 78 world-readable cred-bearing .git/config, sentinel 3fcea78925015fc9.
   Exposure confirmed; Adversary's /root/.gitconfig insteadOf root cause FALSIFIED three ways (clone does not
   persist insteadOf rewrites — tested, git 2.47.2; /etc/cc-ci config predates .gitconfig by 2wk; live
   fetch_recipe uses a non-persisted http.extraHeader token since 9b33fdf, so 0/215 numeric runs carry it).
   Real generator: CCCI_SKIP_FETCH copytree of credentialed /root/.abra/recipes (0700) into 0755 run tree.
   STATUS steps 3-4 rewritten; filed B-redfix-9 (deferred). Falsification sent via ADVERSARY-INBOX.md.

2. Sweep mechanism: runs deployed /etc/cc-ci (main @ d11f8f5), not origin/main. Verified first-hand.

DONE stands; no VETO; no DoD item touched.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01Y9GyBPF1EgTTh6277Xjj7k
This commit is contained in:
2026-07-09 10:25:52 +00:00
parent 4d40af102f
commit 94fb219967
4 changed files with 135 additions and 1 deletions

View File

@ -187,6 +187,19 @@ hold). Concrete fix designs from M1 evidence:
`&&`, so the commit proceeded anyway and I pushed on top of the leak. A guard whose failure does not
halt the pipeline is decoration. Fixed by making the check `&&`-gated before `git commit` in wake #19+.
- **B-redfix-9 — harden `CCCI_SKIP_FETCH` staging: it copies credentialed `.git/config` into a world-readable
run tree.** *(DEFERRED — post-merge; outside redfix DoD; no gate impact. Filed wake #54.)*
`fetch_recipe`'s staging branch (`runner/run_recipe_ci.py:348-353`) does
`shutil.copytree(~/.abra/recipes/<recipe>, <run-dir>)`. The canonical clones carry the bot password in
`remote.origin.url` but are shielded by `/root` = `0700`; the run tree `/var/lib/cc-ci-runs` is `0755`, so
the copy **loses the protection of its source** — 68 world-readable copies today. Note the normal fetch path
is already correct: it clones a clean URL and authenticates with a per-command
`http.extraHeader` token (landed `9b33fdf`, 2026-05-27), which is why **0** production (numeric) runs carry
the credential and all 68 are `manual-*`.
**Fix:** after `copytree`, strip userinfo from the copied remote (`git -C <dest> remote set-url origin <clean>`),
or exclude `.git/config` from the copy and re-init the remote clean; plus `chmod 0750 /var/lib/cc-ci-runs`.
**Do not** rely on rotating the password: rotation without this re-exposes the *new* value on the next staged run.
## Adversary findings
(Adversary-owned — do not edit.)