Skip to content

security: add SHA-256 integrity check for downloaded docker-compose file#540

Closed
TerminalsandCoffee wants to merge 1 commit intoSuperClaude-Org:masterfrom
TerminalsandCoffee:security/fix-docker-compose-integrity
Closed

security: add SHA-256 integrity check for downloaded docker-compose file#540
TerminalsandCoffee wants to merge 1 commit intoSuperClaude-Org:masterfrom
TerminalsandCoffee:security/fix-docker-compose-integrity

Conversation

@TerminalsandCoffee
Copy link
Copy Markdown
Contributor

@TerminalsandCoffee TerminalsandCoffee commented Mar 15, 2026

Summary

Adds SHA-256 hash verification for the docker-compose.dist.yml file downloaded during AIRIS MCP Gateway installation, preventing execution of tampered compose files.

Fixes #537

Problem

The installer downloads docker-compose.dist.yml from a raw GitHub URL and immediately runs docker compose up -d — with no checksum, no signature, and no pinned commit. If the upstream repo is compromised, arbitrary containers execute on the user's machine with host filesystem access (via ${PWD} read-write mounts).

Changes

  • Added hashlib import
  • After download, computes SHA-256 of the compose file and compares against a known-good hash
  • If the hash doesn't match: prints expected vs actual hash, deletes the file, aborts installation
  • Hash constant (EXPECTED_COMPOSE_HASH) must be updated when the upstream compose file is intentionally changed

Test plan

  • Verify clean installation succeeds with matching hash
  • Verify installation aborts cleanly when hash doesn't match (e.g., modify the expected hash constant)
  • Verify the downloaded file is deleted on hash mismatch

🤖 Generated with Claude Code

@TerminalsandCoffee @claude
security: add SHA-256 integrity check for downloaded docker-compose file
21a92c9 
The AIRIS MCP Gateway installer downloads a docker-compose.yml from a
raw GitHub URL and immediately executes it via docker compose up with
no integrity verification. If the upstream repo is compromised, arbitrary
containers run on the user's machine with host filesystem access.

This change:
- Adds SHA-256 hash verification after downloading docker-compose.dist.yml
- Aborts installation and deletes the file if the hash doesn't match
- Prints expected vs actual hash for debugging

The hash must be updated when the upstream docker-compose.dist.yml is
intentionally changed.

Fixes #537

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@TerminalsandCoffee TerminalsandCoffee closed this by deleting the head repository Apr 11, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@NomenAK NomenAK Awaiting requested review from NomenAK NomenAK is a code owner

@mithun50 mithun50 Awaiting requested review from mithun50 mithun50 is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Security: Docker compose downloaded and executed without integrity verification

1 participant

@TerminalsandCoffee