security: reject reserved fds (0/1/2) for --passphrase-fd and --mnemonic-fd

Passing fd 0, 1, or 2 to either flag is always a bug and can be destructive: --passphrase-fd 1 → os.read(1,…) reads stdout, os.close(1) kills all output --passphrase-fd 2 → os.read(2,…) reads stderr, os.close(2) kills error output --mnemonic-fd 0 → wraps stdin with fdopen, corrupting the stdin pipe

Both _resolve_passphrase and _read_mnemonic_securely now reject fd < 3 with a clear error before touching the descriptor.

8 tests in test_fd_guard.py.

sha256:1ae4c1a788dd9cfc6f3932bd48c1d08772c02d13ec930f84b7b6bbfc04a71025 sha

sha256:032ab53dcd3de86bedc0612e466cdc5e645e79c24e149907d476f4e123a3d410 parent

sha256:9066143dba49e6ee5a3aede0f4358ed5a35cff884f0d1ec8c89887dca3aeb544 snapshot

← Older Oldest on task/fd-guard

All commits

Newer → Latest on task/fd-guard

0 comments

No comments yet. Be the first to start the discussion.

To add a comment, use the Muse CLI: muse hub commit comment sha256:1ae4c1a788dd9cfc6f3932bd48c1d08772c02d13ec930f84b7b6bbfc04a71025 --body "your comment"

Provenance signed

AI Agent

claude-sonnet-4-6

Agent claude-code

Signature Cryptographically verified

Snapshot

ID sha256:9066143dba49e6ee5a3aede0f4358ed5a35cff884f0d1ec8c89887dca3aeb544

Files 0

Browse tree at this commit →

Commit

SHA sha256:1ae4c1a788dd9cfc6f3932bd48c1d08772c02d13ec930f84b7b6bbfc04a71025

Parent

sha256:032ab53dcd3de86bedc0612e466cdc5e645e79c24e149907d476f4e123a3d410

Branch task/fd-guard