← Back to Clusters

Sandbox Path Management Fixes

A collection of pull requests addressing various issues related to sandbox path management and security in the OpenClaw framework.

12 PRs
fix docker browser security Representative: #3907
# Title Author Created GitHub
3907 fix(sandbox): use absolute /bin/sh path + add allowedReadPaths config rep pvoo 2026-01-29 View
8296 fix(browser): bind sandbox browser bridge to 0.0.0.0 for container access gavinbmoore 2026-02-03 View
11054 fix(security): Add auth token to sandbox browser bridge (#11023) shadril238 2026-02-07 View
11820 fix(sandbox): remap container paths in sandboxed file tools steflsd 2026-02-08 View
12174 fix(agents): add path containment check in apply_patch for non-sandboxed mode coygeek 2026-02-08 View
13873 fix(sandbox): prevent Windows PATH from poisoning docker exec alessandrorodi 2026-02-11 View
14810 fix:sandbox file path Inconsistency luckylhb90 2026-02-12 View
16509 Fix sandbox path validation rejecting Docker bind mount paths Clawborn 2026-02-14 View
16929 fix(security): block access to sensitive directories from within sandbox CornBrother0x 2026-02-15 View
17402 fix:sandbox path issue luckylhb90 2026-02-15 View
21665 fix(sandbox): add /home and /Users to bind-mount denylist AI-Reviewer-QS 2026-02-20 View
23805 Sandbox: default browser network to none and fail bridge without source range bmendonca3 2026-02-22 View