v1.8.10: security audit fixes

Browse Source

- --list and --status no longer expose IP/port/user (only aliases)
- --list-full for admin use (not in skill)
- Removed --add from /ssh skill (servers added via GUI only)
- Removed exact file paths from skill template
- Added deny-read rules for ~/.server-connections/ files
- Wrapped main() in try/except to prevent traceback leaking
- Added needs_reencrypt() to encryption.py for future migration
- install_key no longer prints server IP

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

...

This commit is contained in:

chrome-storm-c442

2026-02-24 04:56:16 -05:00

parent 831fb66110

commit efb508c982

5 changed files with 48 additions and 21 deletions

Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL

Download Patch File Download Diff File Expand all files Collapse all files

BIN

releases/ServerManager-v1.8.10-win-x64.exe Normal file

Binary file not shown.