Allegro 384fad6d5f security: Add author whitelist for task router (Issue #132) ...

Implements security fix for issue #132 - Task router author whitelist

Changes:
- Add author_whitelist.py module with whitelist validation
- Integrate whitelist checks into task_router_daemon.py
- Add author_whitelist config option to config.yaml
- Add comprehensive tests for whitelist validation

Security features:
- Validates task authors against authorized whitelist
- Logs all authorization attempts (success and failure)
- Secure by default: empty whitelist denies all
- Configurable via environment variable or config file
- Prevents unauthorized command execution from untrusted Gitea users

2026-03-31 03:53:37 +00:00

6.3 KiB

Raw Blame History

View Raw