docs(experiment): close bash-bypass-known-gap + kb_add-via-daemon-works (phase 7)#29
Conversation
…-works (phase 7) Phase 7 — the acceptance criterion for issue #1. - experiments/tool-gating/EXPERIMENT.md: bash-bypass-known-gap matrix row 🐛 KNOWN-FAIL → ✅ closed-by-construction (RO brain mount + mykbd daemon = EROFS on every direct write path). 'Discovered security gap' section → 'Gap closure (v2)' documenting the implemented architecture and the in-repo proofs. - New positive scenario kb_add-via-daemon-works.{matrix row, .sh}: the closure must not break legitimate writes — bounds it from the other side (the role allows-non-knowledge-writes plays for the original gating). Backed in-repo by tests/daemon/cli-over-daemon.scenario. - bash-bypass-known-gap.sh header rewritten: KNOWN-FAIL → permanent regression guard (its observe() already self-passes when the bypass fails — no logic change needed). FAITHFUL REPORTING (not overclaimed): the closure MECHANISM is delivered and repo-verified (cli-over-daemon, dual-socket, server.scenario, rpc-store daemon tests). The in-kb-spike-harness green flip is gated on ONE deployment/harness-wiring step — the container applying the v2 RO mount + agent socket per docs/v2-container-topology.md §4 (a viloforge-platform action, out of mykb-repo scope per parent DESIGN §Scope). EXPERIMENT.md states this explicitly rather than faking a harness run. Full suite 650/650; lint clean.
|
Warning Rate limit exceeded
You’ve run out of usage credits. Purchase more in the billing tab. ⌛ How to resolve this issue?After the wait time has elapsed, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout. Please see our FAQ for further information. ℹ️ Review info⚙️ Run configurationConfiguration used: Organization UI Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (3)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
1 participant
Phase 7 — the acceptance criterion for issue #1. Final phase of the
v2 privileged-write-channel. Builds on merged Phases 1–6.
What changed
experiments/tool-gating/EXPERIMENT.md:bash-bypass-known-gaprow🐛 KNOWN-FAIL → ✅ closed-by-construction. The brain is bind-mounted
read-only, so
bash > facts.jsonl(and every direct syscall path)returns
EROFS; the only validated write path is the L4 wire tomykbd. Old "Discovered security gap" section → "Gap closure (v2)".kb_add-via-daemon-works(matrix row +.sh)— bounds the closure from the other side: the fix must not break
legitimate writes (the role
allows-non-knowledge-writesplays for theoriginal gating).
bash-bypass-known-gap.shheader: KNOWN-FAIL → permanent regressionguard (its
observe()already self-passes when the bypass fails — nologic change).
Faithful reporting — what is and isn't claimed
mykbddaemon,dual-socket capability enforcement, RO-mount topology, client
switchover. Proven in-repo by
tests/daemon/{cli-over-daemon,dual-socket,server.scenario,rpc-store}.test.ts.the container applying the v2 RO mount + agent socket per
docs/v2-container-topology.md§4 (aviloforge-platformaction, outof mykb-repo scope per parent DESIGN §Scope). EXPERIMENT.md states this
explicitly; no harness run is faked.
Evidence
Full suite 650/650; lint clean.
v2 privileged-write-channel — series complete (issue #1)
Strict TDD red→green every slice; full testing pyramid
(unit→integration→contract→scenario); contract amendments made via the
doc's own change process with forcing rationale; two deferrals
(SO_PEERCRED→resolved P6 via dual-socket; L2 Strategy suite→when a 2nd
backend exists) documented in contract §7.1. Closes the architectural
work for #1.