OpenCode Permission Security Configuration Guide
Under the default permission configuration, OpenCode prompts for authorization whenever it accesses a file outside the project directory, so it may look safe enough. It is not: try asking the assistant to fetch your environment variables!
The three permission values:
- allow: runs without approval;
- ask: prompts for approval;
- deny: blocks the operation.
A ready-to-use permission configuration (copy as-is):
```json
{
  "$schema": "https://opencode.ai/config.json",
  "default_agent": "plan",
  "permission": {
    "read": {
      "*": "allow",
      "node_modules/*": "deny",
      "build/*": "deny",
      "dist/*": "deny",
      ".git/*": "deny",
      ".*": "deny",
      "*/.*": "deny",
      "*.env": "deny",
      "*.env.*": "deny",
      "*.env.example": "allow",
      "*.key": "deny",
      "*.pem": "deny",
      "id_rsa*": "deny",
      "secrets.*": "deny",
      "credentials.*": "deny",
      "config.json": "ask"
    },
    "edit": "ask",
    "external_directory": {
      "*": "deny"
    },
    "bash": {
      "*": "ask",
      "sudo *": "deny",
      "su*": "deny",
      "dd *": "deny",
      "| dd *": "deny",
      "mkfs *": "deny",
      "rm -rf /*": "deny",
      "> /dev/*": "deny",
      "chmod -R *": "deny",
      "chown *": "deny",
      "chgrp *": "deny",
      "printenv*": "deny",
      "env*": "deny",
      "set*": "deny",
      "export*": "deny",
      "curl *": "deny",
      "wget *": "deny",
      "nc *": "deny",
      "scp *": "deny",
      "rsync *": "deny",
      "git push*": "deny",
      "ssh *": "deny",
      "ftp *": "deny",
      "telnet *": "deny",
      "nmap *": "deny",
      "nohup *": "deny",
      "watch *": "deny",
      "npm install *": "deny",
      "npm i *": "deny",
      "npm update *": "deny",
      "yarn add *": "deny",
      "yarn install": "deny",
      "yarn global add *": "deny",
      "yarn upgrade *": "deny",
      "pip install *": "deny",
      "pip3 install *": "deny",
      "ls": "allow",
      "ls *": "allow",
      "pwd": "allow",
      "git status": "allow",
      "git status *": "allow",
      "git diff": "allow",
      "git diff *": "allow",
      "git log": "allow",
      "git log *": "allow"
    }
  },
  "agent": {
    "plan": {
      "permission": {
        "edit": "deny"
      }
    },
    "build": {
      "permission": {
        "edit": "allow"
      }
    }
  }
}
```
What this configuration does, in brief:
- denies access to files outside the project directory;
- denies reading .env files, keys, certificates and other sensitive files (note that `*.env.example` is allowed only because it is listed after the broader `*.env.*` deny rule, so keep the more specific rule after the general one);
- file edits require confirmation globally; the plan agent may not edit, the build agent may;
- the Bash rules deny high-risk commands globally, allow a few safe read-only commands, and make every other command ask for approval (the patterns are globs, so a broad one such as `su*` also catches unrelated commands that happen to start with `su`, which is a safe default but worth knowing when a command is refused);
- the default agent is plan, which prevents accidental file modifications.
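To see which rule actually decides a given path or command before relying on the configuration, the following added script (written for this guide, not part of OpenCode) dry-runs a trimmed copy of the read and bash sections above. It assumes glob matching in the style of Python's `fnmatch` (where `*` also matches `/`) and that, when several patterns match, the last one listed wins; both are assumptions to confirm against the OpenCode documentation for your version. The `readable_files` helper walks a project tree and reports which files the read rules would still let the agent open, which is the quickest way to spot secrets that the filename-shaped deny patterns do not cover.

```python
"""Dry-run OpenCode-style permission rules against sample paths and commands.

Added example, not OpenCode's own code. Assumptions (verify against the
OpenCode docs): '*' matches any characters including '/', and when several
patterns match the last one listed wins.
"""
import fnmatch
import json
import os

# Constructed: the read and bash sections of the guide's config, trimmed to the
# rules exercised by the samples below.
PERMISSION_JSON = r'''
{
  "read": {
    "*": "allow",
    ".*": "deny",
    "*/.*": "deny",
    "*.env": "deny",
    "*.env.*": "deny",
    "*.env.example": "allow",
    "*.pem": "deny",
    "secrets.*": "deny",
    "config.json": "ask"
  },
  "bash": {
    "*": "ask",
    "sudo *": "deny",
    "su*": "deny",
    "git push*": "deny",
    "ls": "allow",
    "ls *": "allow",
    "git status": "allow"
  }
}
'''
PERMISSION = json.loads(PERMISSION_JSON)


def resolve(rules, subject, default="ask"):
    """Return (decision, winning_pattern); winning_pattern is None if nothing matched."""
    decision, winner = default, None
    for pattern, action in rules.items():  # dict keeps the file's rule order
        if fnmatch.fnmatchcase(subject, pattern):
            decision, winner = action, pattern  # assumption: last match wins
    return decision, winner


def read_decision(path):
    """Decision for a project-relative POSIX path under the read rules."""
    return resolve(PERMISSION["read"], path)


def bash_decision(command):
    """Decision for a full command line under the bash rules."""
    return resolve(PERMISSION["bash"], command)


def readable(paths):
    """Subset of project-relative paths the read rules resolve to 'allow'."""
    return sorted(p for p in paths if read_decision(p)[0] == "allow")


def readable_files(root):
    """Walk a real project tree and list files the agent could read."""
    rel_paths = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel_paths.append(os.path.relpath(full, root).replace(os.sep, "/"))
    return readable(rel_paths)


if __name__ == "__main__":
    samples = ["src/app.py", ".env", ".env.example", "src/.env",
               "config.json", "secrets.yaml", "config/secrets/db.txt"]
    for p in samples:
        print(f"read  {p:24} -> {read_decision(p)}")
    for c in ["ls -la", "sudo apt update", "sum notes.txt",
              "git push origin main", "make test"]:
        print(f"bash  {c:24} -> {bash_decision(c)}")
```

Running it shows `.env.example` resolving to allow through the `*.env.example` rule listed last, `sum notes.txt` being denied by the broad `su*` glob, and `config/secrets/db.txt` remaining readable because `secrets.*` only matches a file named `secrets.<ext>` at the position the pattern describes. Point `readable_files` at a real checkout to audit your own tree against the same rules.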