openclaw - 💡(How to fix) Fix New security defaults silently break existing workflows after upgrade [1 participants]

openclaw/openclaw#59051 (fetched 2026-04-08 02:29:23)


Summary

Upgrading from 2026.3.28 to 2026.3.31 silently introduced tools.exec.strictInlineEval defaulting to true, which blocks python3 -c, node -e, heredocs, and all inline eval forms -- even when the user has an existing allowlist with ask: off and security: full.

This broke ~30+ cron jobs and all interactive exec workflows without warning.

Problem

New security settings added in minor releases default to the most restrictive posture. Users who have explicitly configured permissive exec policies (because they run single-user, self-hosted deployments) get silently downgraded on upgrade.

The upgrade path was:

  1. Running 2026.3.28 with tools.exec.ask: off -- everything works
  2. npm i -g openclaw@latest to 2026.3.31
  3. Gateway restarts
  4. All python3 -c, heredocs, node -e calls start hitting exec denied: allowlist miss
  5. No changelog warning, no migration note, no deprecation notice

Expected Behavior

One or more of:

  • Opt-in, not opt-out: New restrictive defaults should not apply to users who have explicitly configured permissive policies. If tools.exec.ask is already off, assume the user knows what they are doing.
  • Migration warning: On first boot after upgrade, if new security defaults conflict with existing config, log a warning: "New default strictInlineEval: true is active. Your existing exec workflows may require approval. Set strictInlineEval: false to preserve previous behavior."
  • preserveOnUpgrade flag: A config-level flag (e.g., tools.exec.preserveOnUpgrade: true) that locks exec policy against new defaults.
  • Changelog visibility: Breaking security changes should be listed as BREAKING in release notes, not buried in schema additions.

Workaround

Set in openclaw.json:

{
  "tools": {
    "exec": {
      "strictInlineEval": false
    }
  }
}

This works but should not be necessary for users who already have permissive exec config.

Environment

  • OpenClaw 2026.3.31 (upgraded from 2026.3.28)
  • macOS (arm64), single-user self-hosted deployment
  • ~98 active cron jobs, many using python3 -c and heredocs
  • tools.exec.ask: off configured prior to upgrade

extent analysis

TL;DR

Setting tools.exec.strictInlineEval to false in openclaw.json works around the blocked inline eval forms after upgrading to OpenClaw 2026.3.31.

Guidance

  • Review your existing exec policies to ensure they are compatible with the new security defaults in OpenClaw 2026.3.31.
  • Consider setting tools.exec.strictInlineEval to false in openclaw.json as a temporary workaround to preserve previous behavior.
  • Check the release notes for any breaking security changes before upgrading to a new version.
  • If you have explicitly configured permissive exec policies, you may need to reconfigure them after upgrading to ensure compatibility with new security defaults.
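
One way to carry out the policy review from the first guidance item before upgrading, as an added example (not OpenClaw's own code): it reports when tools.exec.strictInlineEval is unset under a permissive tools.exec.ask policy and lists the commands that use the inline eval forms named in the issue. The "off" string value, the NEW_DEFAULTS table and the sample jobs are assumptions constructed for illustration.

```javascript
// Added example: pre-upgrade audit for the strictInlineEval default change.
// Key names come from the issue; the string value "off" for tools.exec.ask
// and the shape of NEW_DEFAULTS are assumptions made for this sketch.
const NEW_DEFAULTS = { "tools.exec.strictInlineEval": true }; // default in 2026.3.31

// Inline eval forms named in the issue: python3 -c, node -e, heredocs.
const INLINE_EVAL = [
  ["python -c", /\bpython3?\b[^|;&]*\s-c\b/],
  ["node -e", /\bnode\b[^|;&]*\s(?:-e|--eval)\b/],
  ["heredoc", /(?<!<)<<-?\s*['"]?[A-Za-z_]/],
];

const getPath = (obj, path) =>
  path.split(".").reduce((o, k) => (o == null ? undefined : o[k]), obj);

function inlineEvalForms(command) {
  return INLINE_EVAL.filter(([, re]) => re.test(command)).map(([name]) => name);
}

function auditUpgrade(config, commands) {
  const permissive = getPath(config, "tools.exec.ask") === "off";
  const warnings = [];
  for (const [key, value] of Object.entries(NEW_DEFAULTS)) {
    // Only an unset key is silently changed; an explicit value is the user's choice.
    if (permissive && getPath(config, key) === undefined) {
      warnings.push(`${key} is unset and will default to ${value} despite tools.exec.ask: off`);
    }
  }
  const key = "tools.exec.strictInlineEval";
  const strict = getPath(config, key) ?? NEW_DEFAULTS[key];
  // With strict mode off nothing is blocked; otherwise flag every inline eval job.
  const blocked = strict
    ? commands.filter((c) => inlineEvalForms(c).length > 0)
    : [];
  return { warnings, blocked };
}

// Constructed sample input: a pre-upgrade config and three cron commands.
const sampleConfig = { tools: { exec: { ask: "off" } } };
const sampleJobs = [
  "python3 -c 'import sys; print(sys.version)'",
  "python3 /opt/jobs/report.py --config nightly.toml",
  "cat <<EOF > /tmp/status.txt\nok\nEOF",
];
console.log(auditUpgrade(sampleConfig, sampleJobs));
```

Running it against the real config and the command lines from crontab before `npm i -g openclaw@latest` shows which jobs would start failing with exec denied: allowlist miss.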

Example

{
  "tools": {
    "exec": {
      "strictInlineEval": false
    }
  }
}

This example shows how to set tools.exec.strictInlineEval to false in openclaw.json to work around the issue.

Notes

This workaround may not be necessary in future versions of OpenClaw if the expected behavior changes are implemented, such as opt-in for new restrictive defaults or migration warnings.

Recommendation

Apply the workaround by setting tools.exec.strictInlineEval to false in openclaw.json, as this is the most straightforward way to restore previous behavior and avoid blocked inline eval forms.
