Yes, the security concern regarding subprocess environment leakage remains valid and is a critical issue. The fix involves ensuring that any subprocess.run or subprocess.Popen call that executes external commands (like ffmpeg or npm) does not inherit the full environment of the parent process, which may contain sensitive API keys.
To address this in tools/transcription_tools.py, you should use the _sanitize_subprocess_env helper function, which is designed to filter out sensitive variables.
Here is the code suggestion to apply this fix to the _prepare_local_audio function:
```python
    # Locate ffmpeg; bail out with a clear message if it is not installed.
    ffmpeg = _find_ffmpeg_binary()
    if not ffmpeg:
        return (
            None,
            "Local STT fallback requires ffmpeg for non-WAV inputs, but ffmpeg was not found",
        )
    converted_path = os.path.join(work_dir, f"{audio_path.stem}.wav")
    command = [ffmpeg, "-y", "-i", file_path, converted_path]
    # Hand ffmpeg a filtered copy of the environment so API keys and other
    # credentials present in the parent process are not inherited.
    sanitized_env = _sanitize_subprocess_env(os.environ.copy())
    subprocess.run(command, check=True, capture_output=True, text=True, env=sanitized_env)
    return converted_path, None
```
Originally posted by @gemini-code-assist[bot] in #681 (comment)

🛡️ Security Vulnerability: Subprocess Environment Leakage in _prepare_local_audio
The _prepare_local_audio function executes ffmpeg via subprocess.run without sanitizing the environment variables passed to the child process:
```python
subprocess.run(command, check=True, capture_output=True, text=True)
```
This exposes sensitive API keys and credentials contained in the main Hermes process environment to the ffmpeg child process.
Please update the subprocess.run call inside _prepare_local_audio to pass a sanitized environment:
```python
sanitized_env = _sanitize_subprocess_env(os.environ.copy())
subprocess.run(command, check=True, capture_output=True, text=True, env=sanitized_env)
```
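For reference, here is an added, self-contained example (not the Hermes project's own `_sanitize_subprocess_env`) of what such a helper can look like, together with a check that proves the child process can no longer see a credential; the variable names, allow-list and `CONSTRUCTED_ENV` values are assumptions made for the demonstration.

```python
import os
import re
import subprocess
import sys

# Hypothetical stand-in for the project's _sanitize_subprocess_env (example code).
# Strategy: drop any variable whose name looks credential-like, but always keep a
# small allow-list that tools such as ffmpeg need to start and find binaries.
_ALWAYS_KEEP = {"PATH", "HOME", "TMPDIR", "TEMP", "TMP", "LANG", "TZ",
                "SYSTEMROOT", "USERPROFILE", "PYTHONIOENCODING"}
_KEEP_PREFIXES = ("LC_",)
_SENSITIVE = re.compile(r"(KEY|TOKEN|SECRET|PASS(WORD)?|CREDENTIAL|AUTH)", re.IGNORECASE)


def sanitize_subprocess_env(env):
    """Return a filtered copy of `env` suitable for subprocess.run(env=...)."""
    clean = {}
    for name, value in env.items():
        if name in _ALWAYS_KEEP or name.startswith(_KEEP_PREFIXES):
            clean[name] = value          # allow-list wins over the deny pattern
        elif not _SENSITIVE.search(name):
            clean[name] = value          # ordinary variable, nothing credential-like
    # Without PATH the child cannot resolve executables; fall back to the OS default.
    clean.setdefault("PATH", os.defpath)
    return clean


def child_sees(var_name, env):
    """Spawn a Python child with `env` and report whether it can read var_name."""
    probe = "import os, sys; sys.exit(0 if %r in os.environ else 1)" % var_name
    result = subprocess.run([sys.executable, "-c", probe], env=env,
                            capture_output=True, text=True)
    return result.returncode == 0


# Constructed parent environment with a fake API key (not a real credential).
CONSTRUCTED_ENV = {
    "PATH": os.environ.get("PATH", os.defpath),
    "HOME": os.environ.get("HOME", "/tmp"),
    "OPENAI_API_KEY": "sk-constructed-example-value",
    "AWS_SECRET_ACCESS_KEY": "constructed-example-value",
    "FFMPEG_LOGLEVEL": "error",
}

if __name__ == "__main__":
    # Unsanitized: the child inherits the key. Sanitized: it does not.
    print("leaks without env filtering:", child_sees("OPENAI_API_KEY", CONSTRUCTED_ENV))
    print("leaks with sanitized env:   ",
          child_sees("OPENAI_API_KEY", sanitize_subprocess_env(CONSTRUCTED_ENV)))
```

The same `child_sees` probe is a cheap regression test to pin the fix in place: run it against every subprocess call site that spawns external tools.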