66 lines
2.8 KiB
Markdown
66 lines
2.8 KiB
Markdown
|
|
# Phase 2 深审 — Wave P2-1(Files / SSH 基础设施)
|
|||
|
|
|
|||
|
|
**日期**: 2026-06-04
|
|||
|
|
**范围**: 文件浏览 REST + browse service + SSH pool + 前端预读
|
|||
|
|
**标准**: `standards/line-walk-audit-standard-v2.md` 8 步(全文 Read)
|
|||
|
|
|
|||
|
|
## 登记
|
|||
|
|
|
|||
|
|
| # | 文件 | 语言 | 行数 N | Read 范围 |
|
|||
|
|
|---|------|------|--------|-----------|
|
|||
|
|
| 1 | `server/api/files.py` | Python | 77 | 1–77 全文 |
|
|||
|
|
| 2 | `server/application/services/files_browse_service.py` | Python | 167 | 1–167 全文 |
|
|||
|
|
| 3 | `server/infrastructure/ssh/asyncssh_pool.py` | Python | 436 | 1–436 全文 |
|
|||
|
|
| 4 | `server/utils/files_elevation.py` | Python | 55 | 1–55 全文 |
|
|||
|
|
| 5 | `frontend/src/utils/filePreload.ts` | TS | 141 | 1–141 全文 |
|
|||
|
|
|
|||
|
|
## 入口表
|
|||
|
|
|
|||
|
|
| 方法 | 路径 | 鉴权 |
|
|||
|
|
|------|------|------|
|
|||
|
|
| GET | `/api/files/browse?server_id=&path=` | JWT + If-None-Match |
|
|||
|
|
| POST | `/sync/read-file`(filePreload 调用) | JWT |
|
|||
|
|
| SSH | `list_remote_directory` → `ls -la` | 经 pool + server 凭据 |
|
|||
|
|
|
|||
|
|
## Closure 表
|
|||
|
|
|
|||
|
|
| H | 文件:行号 | 判定 | 理由 |
|
|||
|
|
|---|-----------|------|------|
|
|||
|
|
| H-Auth | files.py:44 | SAFE | `get_current_admin` |
|
|||
|
|
| H-Path | files.py:57-60 | SAFE | `normalize_remote_abs_path` |
|
|||
|
|
| H-Audit | files.py:72 | SAFE | browse 审计 |
|
|||
|
|
| H-ETag | files.py:62-75 | SAFE | 304 减 SSH 负载 |
|
|||
|
|
| H-Path | files_browse_service.py:111-116 | SAFE | normalize + shlex.quote |
|
|||
|
|
| H-Shell | files_browse_service.py:117-125 | SAFE | 固定 ls 模板;path 已 quote |
|
|||
|
|
| H-Cache | files_browse_service.py:46-62 | SAFE | 5s TTL + max 200 |
|
|||
|
|
| H-Cred | asyncssh_pool.py:183-192 | SAFE | decrypt 仅内存 connect |
|
|||
|
|
| H-HostKey | asyncssh_pool.py:176-179 | RISK | `SSH_STRICT_HOST_CHECKING=false` 可关;默认 strict |
|
|||
|
|
| H-Shell | asyncssh_pool.py:306-339 | SAFE | tee/mv/mkdir 路径 shlex.quote |
|
|||
|
|
| H-Sudo | asyncssh_pool.py:348-355 | SAFE | elevation 三态 OFF/AUTO/ALWAYS |
|
|||
|
|
| H-Pool | asyncssh_pool.py:409-413 | SAFE | timeout 后 close_connection 不 reuse |
|
|||
|
|
| H-Exec | asyncssh_pool.py:389-437 | RISK | `exec_ssh_command` 接受任意 command;调用方须 JWT+审计 |
|
|||
|
|
| H-Elevation | files_elevation.py:21-28 | SAFE | 未知值回退 AUTO |
|
|||
|
|
| H-Auth | filePreload.ts:101-105 | SAFE | read-file JWT + max_size |
|
|||
|
|
| H-Cache | filePreload.ts:25-58 | SAFE | 内存 Map;prune 按目录 |
|
|||
|
|
| H-Size | filePreload.ts:6-9,67-68 | SAFE | 300KB 预读 / 2MB 编辑上限 |
|
|||
|
|
|
|||
|
|
**len(H)=17, Closure=17**
|
|||
|
|
|
|||
|
|
## FINDING
|
|||
|
|
|
|||
|
|
无 P0/P1 新 FINDING。
|
|||
|
|
|
|||
|
|
## L3 门控(同日记录)
|
|||
|
|
|
|||
|
|
`bash deploy/pre_deploy_check.sh` → **6/7 PASS**,Gate 7 BLOCK(`HEAD~1` 与未提交改动 `.cursorrules`、`docker-compose.yml` 等未列入当日 audit 文件)。属工作区脏树预期;**非代码缺陷**。部署前需 commit + 审计清单对齐或放宽 Gate7 策略。
|
|||
|
|
|
|||
|
|
## DoD
|
|||
|
|
|
|||
|
|
- [x] len(H) == Closure
|
|||
|
|
- [x] 五文件全文 Read
|
|||
|
|
- [x] local_verify 通过
|
|||
|
|
|
|||
|
|
## 验证
|
|||
|
|
|
|||
|
|
`bash scripts/local_verify.sh` — 全绿
|