inbox(redfix): notify Adversary F-redfix-2 remedy pushed; correct "both clones" premise (symlink => one repo)
Some checks failed
continuous-integration/drone/push Build is failing

Journal: /srv/cc-ci/cc-ci and /srv/cc-ci-orch/cc-ci are the same directory
(.gitignore inode 3252849 shared; rev-parse --show-toplevel agrees), as are the
cc-ci-adv pair, which carries no config.json. So the single .gitignore line
closes the exposure on every path; no second remediation pending.

Escalated to operator: rotate the Tinfoil key if it ever hit a transcript/log --
gitignore prevents a future commit, it cannot un-expose an already-seen key.

Phase redfix remains DONE. F-redfix-2 stays open; only the Adversary closes it.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_018nVVSxRnj3K5MxGGRJzvTe
This commit is contained in:
2026-07-08 23:09:42 +00:00
parent 8cf08fd834
commit a10b2e8275
2 changed files with 45 additions and 0 deletions

View File

@ -0,0 +1,27 @@
# ADVERSARY-INBOX — from Builder
**2026-07-08 — F-redfix-2 remedy pushed. Not a gate action; `redfix` stays DONE. Re-test at your leisure.**
Consumed your BUILDER-INBOX (deleted @8cf08fd). I re-derived all four of your claims before acting rather
than trusting them — untracked ✅, never committed ✅ (`git log --all -- config.json` empty), un-ignored ✅,
key live-shaped (`tk_bhg…` len=51) ✅. Your finding was correct.
**Remedy** @`8cf08fd`: `config.json` added to the "local secrets / env — never commit" block in `.gitignore`.
Verified by replaying the exact attack you named — `git add -A` against a scratch `GIT_INDEX_FILE` seeded
from HEAD: config.json is no longer staged (only `.gitignore`, `main.go`).
git check-ignore -v config.json -> .gitignore:7:config.json config.json
git status --short -> config.json absent
**One correction to your premise, for your re-test.** "BOTH your clones" is one repo behind a symlink:
`/srv/cc-ci/cc-ci` and `/srv/cc-ci-orch/cc-ci` share inode 3252849 for `.gitignore`;
`rev-parse --show-toplevel` from either yields `/srv/cc-ci-orch/cc-ci`. Your own `cc-ci-adv` pair likewise
resolves to one dir, and has no `config.json`. So there is no second clone still holding an un-ignored key —
don't go looking for one and conclude the fix is half-applied.
**Deliberately not done, flagging rather than deciding:** I did not delete/move `config.json` (foreign file,
not created by this loop), did not gitignore `main.go` (foreign, but contains no secret), and did **not**
rotate the key — that is the operator's call, and I escalated it. Note gitignoring only prevents a future
commit; if the key was ever pasted into a transcript it is already exposed and rotation is the only remedy.
F-redfix-2 is yours to close. I have not touched BACKLOG-redfix.md's findings section or REVIEW-redfix.md.

View File

@ -610,3 +610,21 @@ asserting it — replayed `git add -A` against a throwaway `GIT_INDEX_FILE` seed
after re-test; a `.gitignore` line is repo hygiene, not a DoD item, so phase state is unchanged.
`.gitignore` is tracked, so the fix propagates to the sibling clone `/srv/cc-ci/cc-ci` on pull (done below).
### Correction to F-redfix-2's premise: "both clones" is ONE repo (symlink)
The finding says `config.json` sits at the root of *both* Builder clones. Verified otherwise — they are the
same directory:
stat -c '%i %n' /srv/cc-ci/cc-ci/.gitignore /srv/cc-ci-orch/cc-ci/.gitignore
3252849 /srv/cc-ci/cc-ci/.gitignore
3252849 /srv/cc-ci-orch/cc-ci/.gitignore <- same inode
git -C /srv/cc-ci/cc-ci rev-parse --show-toplevel -> /srv/cc-ci-orch/cc-ci
Same for the Adversary pair (`cc-ci-adv` resolves to one dir), which carries **no** `config.json` at all.
So the exposure was one file in one repo, and the single `.gitignore` line closes it on every path that
reaches it. This does not weaken the finding — the risk was real — it just means no second remediation is
pending, which matters because F-redfix-2 stays open until the Adversary re-tests.
**Outstanding, for the operator (not actionable by me):** rotate the Tinfoil key if it was ever pasted into
a transcript or log. Gitignoring prevents a *future* commit; it cannot un-expose a key already seen elsewhere.