>_
.issue.db
/highway-workflow-engine
Dashboard
Issues
Memory
Lessons
Audit Log
New Issue
Edit Issue #411
Update issue details
Title *
Description
Security flaw: tools.python.run gives tenant code raw DB access via ctx.db_connection. In multi-tenant cloud, malicious tenant can: (1) Read other tenants data, (2) Modify system tables, (3) Access secrets. Solution: Run ALL user code in Docker sandbox with DurableContext exposed via secure RPC API.
Priority
Low
Medium
High
Critical
Status
Open
In Progress
Closed
Won't Do
Due Date (YYYY-MM-DD)
Tags (comma separated)
Related Issues (IDs)
Enter IDs of issues related to this one. They will be linked as 'related'.
Update Issue
Cancel