ufm

by rem5357

Overview

A cross-platform MCP server for comprehensive file management by AI assistants.

Installation

Run Command
ufm

Security Notes

CRITICAL: Archive Extraction Vulnerability: The `ufm_archive_extract` tool does not validate the `destination` path against the security policy, allowing arbitrary file writes outside the sandbox. This is a severe vulnerability.

CRITICAL: Auto-update via HTTP without Signature: The auto-update system fetches `version.json` and binaries over HTTP. A man-in-the-middle (MITM) attacker could supply a malicious `version.json` with a malicious `download_url` and a corresponding checksum, allowing arbitrary code execution.

MEDIUM: P2P Network Security (Missing Authentication): The P2P network has a security config for connections, but it does not explicitly detail an authentication mechanism for peers interacting via `ToolRequest` messages, potentially exposing tools like `ufm_nodes` or `ufm_ping` to unauthenticated access. `require_tls` is false by default.

LOW: Permissive Default Configuration: The default security policy allows access to the user's home directory and enables all write/delete/chmod operations, which is broad for a default setting in an external tool.

Stats

Interest Score: 0
Security Score: 1
Cost Class: Medium
Avg Tokens: 2000
Stars: 0
Forks: 0
Last Update: 2025-12-13

Tags

File Management, Cross-Platform, MCP Server, Security Sandbox, P2P Network