Skip to content

[Ubuntu 24.04][Security] ~/.nemoclaw directory perms stay 755 after manual change instead of being auto-repaired to 700 #4546

Open
Open
[Ubuntu 24.04][Security] ~/.nemoclaw directory perms stay 755 after manual change instead of being auto-repaired to 700#4546
Labels
NV QABugs found by the NVIDIA QA TeamNemoClaw CLIUse this label to identify issues with the NemoClaw command-line interface (CLI).Platform: UbuntuSupport for Linux UbuntubugSomething isn't workingsecuritySomething isn't secure
@PrachiShevate-nv

Description

@PrachiShevate-nv
PrachiShevate-nv
opened on May 29, 2026

Description

On Ubuntu 24.04 with NemoClaw v0.0.54, a fresh install correctly creates ~/.nemoclaw with secure permissions (700 for the directory, 600 for root-level files), but if the directory is later manually loosened to 755, subsequent nemoclaw CLI invocations do not repair it back to 700 even though the test spec requires automatic drift healing of this sensitive state directory.

Environment

  • Device: Ubuntu 24.04 server
  • OS: Ubuntu 24.04
  • Architecture: x86_64
  • Node.js: v22.22.3
  • npm: 10.9.8
  • Docker: Docker version 29.2.1, build a5c7197
  • OpenShell CLI: openshell 0.0.44
  • NemoClaw: v0.0.54
  • OpenClaw: OpenClaw 2026.5.22 (a374c3a)

Steps to Reproduce

  1. Ensure Docker is running and NemoClaw is installed/onboarded (any standard install path is fine; this bug is about the post-onboard home directory permissions).

  2. Check the initial directory permission:

    stat -c '%a %n' ~/.nemoclaw/

  3. Check root-level file permissions under ~/.nemoclaw/:

    find ~/.nemoclaw/ -maxdepth 1 -type f -exec stat -c '%a %n' {} \;

  4. Run an "INSECURE" scan to confirm no group/world bits are set on files:

    find ~/.nemoclaw/ -maxdepth 1 -type f -perm /077 -exec echo 'INSECURE: {}' \;
echo $?

  5. Simulate permission drift by loosening the directory:

    chmod 755 ~/.nemoclaw/
stat -c '%a %n' ~/.nemoclaw/

  6. Invoke any NemoClaw command that reads state (e.g.):

    nemoclaw list

  7. Re-check the directory permission after the CLI run:

    stat -c '%a %n' ~/.nemoclaw/

Expected Result

After onboard completes:

  • stat -c '%a %n' ~/.nemoclaw/ prints 700 /home/<user>/.nemoclaw/ (owner rwx only; no group/world bits).
  • Every root-level file under ~/.nemoclaw/ (e.g. config.json, credentials.json, sandboxes.json, ollama-proxy-token, usage-notice.json) has mode 600 (owner rw only), with no 644 or any group/world-readable modes.
  • The "INSECURE" scan (find ... -perm /077) prints no matches (no files with group/world bits).

After manual drift (chmod 755 ~/.nemoclaw/), the next nemoclaw CLI invocation should:

  • Detect that ~/.nemoclaw/ is too permissive.
  • Repair it back to 700 automatically.
  • nemoclaw list should still run normally.
  • A post-command stat -c '%a %n' ~/.nemoclaw/ should again show 700 /home/<user>/.nemoclaw/, proving that permission drift was healed.

Actual Result

Immediately after install/onboard (good state):

stat -c '%a %n' ~/.nemoclaw/
# 700 /localhome/local-mercl/.nemoclaw/

find ~/.nemoclaw/ -maxdepth 1 -type f -exec stat -c '%a %n' {} \;
# 600 /localhome/local-mercl/.nemoclaw/ollama-auth-proxy.pid
# 600 /localhome/local-mercl/.nemoclaw/onboard-session.json
# 600 /localhome/local-mercl/.nemoclaw/ollama-proxy-token
# 600 /localhome/local-mercl/.nemoclaw/sandboxes.json
# 600 /localhome/local-mercl/.nemoclaw/usage-notice.json

find ~/.nemoclaw/ -maxdepth 1 -type f -perm /077 -exec echo 'INSECURE: {}' \;
echo $?
# (no output)
# 0
  • Directory is 700.
  • Root-level files are 600.
  • No insecure files found (no group/world bits).

After simulating drift and running nemoclaw list:

chmod 755 ~/.nemoclaw/
stat -c '%a %n' ~/.nemoclaw/
# 755 /localhome/local-mercl/.nemoclaw/

nemoclaw list
# Sandboxes:
#   my-assistant *
#       agent:       openclaw
#       model:       qwen2.5:7b
#       provider:    ollama-local
#       sandbox GPU
#       policies:    npm, pypi, huggingface, brew, local-inference, openclaw-pricing
#       dashboard:   http://127.0.0.1:18790/
# * = default sandbox

stat -c '%a %n' ~/.nemoclaw/
# 755 /localhome/local-mercl/.nemoclaw/                ← still 755, not repaired to 700
  • nemoclaw list runs successfully and prints the sandbox summary.
  • Directory remains at 755; NemoClaw does not tighten it back to 700.
  • Re-running nemoclaw list again still leaves the directory at 755.

Logs

Relevant CLI and permission outputs are included above under Actual Result.

No additional NemoClaw or OpenShell logs were captured for this issue; behavior is fully observable from filesystem permissions and the nemoclaw list output.

Metadata

Metadata

Assignees

No one assigned

    Labels

    NV QABugs found by the NVIDIA QA TeamNemoClaw CLIUse this label to identify issues with the NemoClaw command-line interface (CLI).Platform: UbuntuSupport for Linux UbuntubugSomething isn't workingsecuritySomething isn't secure

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions