LLM/moltbot
1
0
Fork 0
mirror of https://github.com/moltbot/moltbot.git synced 2026-04-29 01:31:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(security): harden sandbox browser network defaults

Browse Source
This commit is contained in:
Peter Steinberger
2026-02-21 14:01:40 +01:00
parent cf82614259
commit f48698a50b
19 changed files with 224 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
docs/gateway/configuration-reference.md
View File

@@ -930,7 +930,9 @@ Optional **Docker sandboxing** for the embedded agent. See [Sandboxing](/gateway
browser: {
enabled: false,
image: "openclaw-sandbox-browser:bookworm-slim",
network: "openclaw-sandbox-browser",
cdpPort: 9222,
cdpSourceRange: "172.21.0.1/32",
vncPort: 5900,
noVncPort: 6080,
headless: false,
@@ -995,6 +997,8 @@ Optional **Docker sandboxing** for the embedded agent. See [Sandboxing](/gateway
noVNC observer access uses VNC auth by default and OpenClaw emits a short-lived token URL (instead of exposing the password in the shared URL).
- `allowHostControl: false` (default) blocks sandboxed sessions from targeting the host browser.
- `network` defaults to `openclaw-sandbox-browser` (dedicated bridge network). Set to `bridge` only when you explicitly want global bridge connectivity.
- `cdpSourceRange` optionally restricts CDP ingress at the container edge to a CIDR range (for example `172.21.0.1/32`).
- `sandbox.browser.binds` mounts additional host directories into the sandbox browser container only. When set (including `[]`), it replaces `docker.binds` for the browser container.
</Accordion>