Skip to content

chore(specs): add domain egress allowlist threat model#199

Merged
chaliy merged 2 commits intomainfrom
claude/domain-egress-allowlist-THc7Q
Feb 11, 2026
Merged

chore(specs): add domain egress allowlist threat model#199
chaliy merged 2 commits intomainfrom
claude/domain-egress-allowlist-THc7Q

Conversation

@chaliy
Copy link
Contributor

@chaliy chaliy commented Feb 11, 2026

Summary

  • Add threat entries TM-NET-015, TM-NET-016, TM-NET-017 for planned domain-level egress allowlisting
  • Add section 5.6 to spec with SNI-based filtering design rationale
  • Update public threat-model docs with allow_domain() usage and trade-offs

Test plan

  • Docs-only change — no code, no tests needed
  • cargo doc builds without warnings

@claude
chore(specs): add domain egress allowlist threats TM-NET-015/016/017
6fbf3dd 
Add three new threat entries for planned domain-level allowlisting:
- TM-NET-015: Domain allowlist scheme bypass (by design)
- TM-NET-016: Domain allowlist port bypass (by design)
- TM-NET-017: Wildcard subdomain exfiltration (mitigated: not supported)

Add section 5.6 with SNI-based filtering design rationale explaining
why literal host matching is used over DNS, IP, or proxy approaches.

Update public docs with domain allowlist usage guidance and trade-offs.

https://claude.ai/code/session_01Rmh2zh9n7JNNJvsGa95GSs
chatgpt-codex-connector[bot]
chatgpt-codex-connector bot reviewed Feb 11, 2026
View reviewed changes
Copy link

@chatgpt-codex-connector chatgpt-codex-connector bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 6fbf3dd93c

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

crates/bashkit/docs/threat-model.md

// Domain-level: any scheme, port, or path to these hosts
let allowlist = NetworkAllowlist::new()
.allow_domain("api.example.com")
Copy link

@chatgpt-codex-connector chatgpt-codex-connector bot Feb 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Avoid documenting allow_domain() before API exists

This section presents NetworkAllowlist::allow_domain() as a current public API, but in this commit the actual implementation (crates/bashkit/src/network/allowlist.rs) only exposes allow, allow_many, and allow_all. Users who copy this example from rustdoc will hit a compile error, and the threat-model guidance becomes inaccurate for current releases rather than clearly marked as planned behavior.

Useful? React with 👍 / 👎.

@claude
chore(deps): add cargo-vet exemptions for updated dependencies
f792df2 
Add exemptions for aws-lc-sys 0.37.1, clap 4.5.58,
clap_builder 4.5.58, and clap_lex 1.0.0.

https://claude.ai/code/session_01Rmh2zh9n7JNNJvsGa95GSs
@chaliy chaliy merged commit 6b0ec4f into main Feb 11, 2026
9 checks passed
@chaliy chaliy deleted the claude/domain-egress-allowlist-THc7Q branch February 11, 2026 23:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@chatgpt-codex-connector chatgpt-codex-connector[bot] chatgpt-codex-connector[bot] left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@chaliy @claude