External/SuperClaude
1
0
Fork 0
mirror of https://github.com/SuperClaude-Org/SuperClaude_Framework.git synced 2025-12-17 17:56:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix installation failures on Windows systems with alias usernames

Browse Source
This commit is contained in:
Andrey Korzh 2025-07-22 23:12:32 +02:00
parent 0b2c9c6c7a
commit d075a67de0
1 changed files with 10 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
setup/utils/security.py
View File

@ -427,11 +427,17 @@ class SecurityValidator:
errors.append("Installation to junction points or symbolic links is not allowed for security") errors.append("Installation to junction points or symbolic links is not allowed for security")
return False, errors return False, errors
# Additional validation: verify it's in a user profile directory structure # Additional validation: verify it's in the current user's profile directory
# Only check if it looks like a Windows path (contains drive letter) # Use actual home directory comparison instead of username-based path construction
if ':' in abs_target_str and '\\users\\' in abs_target_str: if ':' in abs_target_str and '\\users\\' in abs_target_str:
current_user = os.environ.get('USERNAME', '') try:
if current_user and f'\\users\\{current_user.lower()}\\' not in abs_target_str: # Check if target is within the user's actual home directory
home_path = Path.home()
abs_target.relative_to(home_path)
# Path is valid - within user's home directory
except ValueError:
# Path is outside user's home directory
current_user = os.environ.get('USERNAME', home_path.name)
errors.append(f"Installation must be in current user's directory ({current_user})") errors.append(f"Installation must be in current user's directory ({current_user})")
return False, errors return False, errors