Problem
Directory path configuration in novelforge/config.py lines 237-246 uses PROJECT_ROOT / os.environ.get(...). Python's Path.__truediv__ silently replaces the left operand if the right is absolute:
Path("/app") / "/etc/passwd" # → PosixPath('/etc/passwd')If any directory env var is set to an absolute path, the app reads/writes files from that arbitrary location.
Files Affected
novelforge/config.py lines 237-246
Why It Matters
NOVELS_DIR controls where session JSON files are writtenEXPORT_DIR controls where exports and illustrations are saved/servedLOGS_DIR controls where LLM logs (containing prompts) are written
Recommended Fix
def _resolve_dir(env_var: str, default: str) -> str:
raw = os.environ.get(env_var, default)
if os.path.isabs(raw):
raise ValueError(f"{env_var} must be a relative path (got {raw!r})")
return str(PROJECT_ROOT / raw)
Problem
Directory path configuration in
novelforge/config.pylines 237-246 usesPROJECT_ROOT / os.environ.get(...). Python'sPath.__truediv__silently replaces the left operand if the right is absolute:If any directory env var is set to an absolute path, the app reads/writes files from that arbitrary location.
Files Affected
novelforge/config.pylines 237-246Why It Matters
NOVELS_DIRcontrols where session JSON files are writtenEXPORT_DIRcontrols where exports and illustrations are saved/servedLOGS_DIRcontrols where LLM logs (containing prompts) are writtenRecommended Fix