[C5] Auto-update verified only by SHA-256 over same channel, no signature -> fleet-wide SYSTEM RCE on MITM #14
Severity: Critical
Component(s): agent
Affected file(s): agent/src/update.rs
Problem: Auto-update is verified by a SHA-256 hash delivered over the same channel as the binary, with no signature, so a MITM or evil relay yields fleet-wide SYSTEM RCE. The code carries a TODO, and a dev_insecure_tls escape hatch widens the exposure.
Recommended fix: Embed an Ed25519 public key, sign the manifest and binary, verify before install_update, and lock dev_insecure_tls to debug builds only.
Remediation phase: P2 (SPEC-021)
From the 2026-06-05 three-way review (Claude+Gemini+Grok) — see reports/review-2026-06-05/SYNTHESIS-three-way.md (finding C5) and REMEDIATION-PLAN.md (P2).
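Added example, not the issue's or the agent's own code, of the verify-before-install order the recommended fix describes: the manifest signature is checked against the pinned release key first, and only then is the binary's SHA-256 compared with the digest inside the signed manifest, so a relay that swaps the binary and recomputes the hash is rejected. It is in Go because the standard library ships Ed25519, so it runs stand-alone; the same structure transfers to the Rust agent. The names Manifest, VerifyUpdate, SignRelease and digest are assumptions, and the key pair generated inline stands in for the embedded public key.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"errors"
)

// Manifest is the published release metadata; its digest is trusted only once signed.
type Manifest struct {
	Version string `json:"version"`
	SHA256  string `json:"sha256"` // hex SHA-256 of the binary
}
func digest(b []byte) string { sum := sha256.Sum256(b); return hex.EncodeToString(sum[:]) }
// VerifyUpdate checks the manifest signature against the pinned release key, then
// the binary against the signed digest. Nothing here trusts the transport.
func VerifyUpdate(releaseKey ed25519.PublicKey, manifestJSON, sig, binary []byte) (*Manifest, error) {
	if !ed25519.Verify(releaseKey, manifestJSON, sig) { // releaseKey must be 32 bytes
		return nil, errors.New("manifest signature invalid")
	}
	var m Manifest
	if err := json.Unmarshal(manifestJSON, &m); err != nil {
		return nil, errors.New("manifest parse failed")
	}
	if digest(binary) != m.SHA256 {
		return nil, errors.New("binary digest does not match signed manifest")
	}
	return &m, nil
}
// SignRelease is the offline release step: hash the binary, sign the manifest.
func SignRelease(priv ed25519.PrivateKey, version string, binary []byte) (manifestJSON, sig []byte) {
	manifestJSON, _ = json.Marshal(Manifest{Version: version, SHA256: digest(binary)})
	return manifestJSON, ed25519.Sign(priv, manifestJSON)
}
// Demo verifies a genuine release, then a relay-swapped binary whose manifest was rewritten
// to its SHA-256 but still carries the genuine signature. Constructed key pair stands in for the embedded key.
func Demo() (genuineErr, swappedErr error) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	genuine := []byte("constructed agent binary v2")
	manifest, sig := SignRelease(priv, "2.0.0", genuine)
	_, genuineErr = VerifyUpdate(pub, manifest, sig, genuine)
	evil := []byte("constructed swapped binary")
	forged, _ := json.Marshal(Manifest{Version: "2.0.0", SHA256: digest(evil)})
	_, swappedErr = VerifyUpdate(pub, forged, sig, evil)
	return genuineErr, swappedErr
}
```

The binary is covered through the digest in the signed manifest; if the release process also signs the binary directly, as the fix suggests, that is a second ed25519.Verify over the binary bytes before the digest comparison.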