{"id":2083,"date":"2026-03-23T22:03:55","date_gmt":"2026-03-23T22:03:55","guid":{"rendered":"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/23\/tool-updates-lots-of-security-and-logic-fixes-mon-mar-23rd\/"},"modified":"2026-03-23T22:03:55","modified_gmt":"2026-03-23T22:03:55","slug":"tool-updates-lots-of-security-and-logic-fixes-mon-mar-23rd","status":"publish","type":"post","link":"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/23\/tool-updates-lots-of-security-and-logic-fixes-mon-mar-23rd\/","title":{"rendered":"Tool updates: lots of security and logic fixes, (Mon, Mar 23rd)"},"content":{"rendered":"<div>\n<p>So, I&#8217;ve been slow to get on the Claude Code\/OpenCode\/Codex\/OpenClaw bandwagon, but I had some time last week so I asked Claude to review (<span style=\"font-family:Courier New,Courier,monospace;\">\/security-review<\/span>) some of my python scripts. He found more than I&#8217;d like to admit, so I checked in a bunch of updates. In reviewing his suggestions, he was right, I made some stupid mistakes, some of which have been sitting in there for a long time. It was nothing earth-shattering and it took almost no time for Claude, it took longer for me to read through the updates he wanted to make, figure out what he was seeing, and decide whether to accept them or tweak them. Here are a few of them.<\/p>\n<ul>\n<li>a logic inversion error with the <span style=\"font-family:Courier New,Courier,monospace;\">-f<\/span> switch, and some unhandled errors in <span style=\"font-family:Courier New,Courier,monospace;\">convert-ts-bash-history.py<\/span><\/li>\n<li>a TOCTOU (time of check\/time of use) possible race condition, and a comment about some ambiguity with the <span style=\"font-family:Courier New,Courier,monospace;\">-c<\/span> switch when deciding which hash was used based solely on the length of the hash\u00a0in <span style=\"font-family:Courier New,Courier,monospace;\">sigs.py<\/span><\/li>\n<li>some overly permissive permissions, a possible symlink attack, and an encoding issue in <span style=\"font-family:Courier New,Courier,monospace;\">ficheck.py<\/span><\/li>\n<li>a possible header injection issue via the <span style=\"font-family:Courier New,Courier,monospace;\">-s<\/span> switch with <span style=\"font-family:Courier New,Courier,monospace;\">mail_stuff.py<\/span><\/li>\n<\/ul>\n<p>Most of these are issues I should have caught myself given how long I&#8217;ve been programming\/scripting, but all of these started out as quick and dirty scripts to solve a problem I had, and then I made them available to the public through my github repo without taking any time to really ensure they were ready for public consumption. Taking a few minutes to setup Claude without much in the way of guidance (my CLAUDE.md is still very much a work-in-progress) and the one in my my scripts repo was one I asked Claude to create for me after some back and forth during this review which mostly covers a couple of personal preferences.\u00a0<\/p>\n<p>I guess the main point is I&#8217;m late to the game on using AI on a daily basis, but that needs to change. Even when I&#8217;m feeling my age and write my own scripts, I need to have that second pair of\u00a0<em>eyes<\/em>\u00a0give it a second look. Some of these scripts run as root out of cron or systemd timers\u00a0on systems I administer and some of those issues could have been used for privilege escalation by an attacker who managed to get access. Even those of us with more grey than not in our beards\u00a0need to be spending some time figuring out how to\u00a0integrate this stuff into our daily routine.<\/p>\n<p><strong>References<\/strong>:<\/p>\n<p>[1]\u00a0<a href=\"https:\/\/github.com\/clausing\/scripts\">https:\/\/github.com\/clausing\/scripts<\/a><\/p>\n<p>&#8212;&#8212;&#8212;&#8212;&#8212;<br \/>\nJim Clausing, GIAC GSE #26<br \/>\njclausing &#8211;at&#8211; isc [dot] sans (dot) edu<\/p>\n<p> (c) SANS Internet Storm Center. https:\/\/isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"<p>So, I&#8217;ve been slow to get on the Claude Code\/OpenCode\/Codex\/OpenClaw bandwagon, but I had some time last week so I asked Claude to review (\/security-review) some of my python scripts. He found more than I&#8217;d like to admit, so I checked in a bunch of updates. In reviewing his suggestions, he was right, I made [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"site-container-style":"default","site-container-layout":"default","site-sidebar-layout":"default","disable-article-header":"default","disable-site-header":"default","disable-site-footer":"default","disable-content-area-spacing":"default","footnotes":""},"categories":[90],"tags":[91],"class_list":["post-2083","post","type-post","status-publish","format-standard","hentry","category-cybersecurity","tag-cybersecurity"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.7 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Tool updates: lots of security and logic fixes, (Mon, Mar 23rd) - Imperative Business Ventures Limited<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/23\/tool-updates-lots-of-security-and-logic-fixes-mon-mar-23rd\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Tool updates: lots of security and logic fixes, (Mon, Mar 23rd) - Imperative Business Ventures Limited\" \/>\n<meta property=\"og:description\" content=\"So, I&#8217;ve been slow to get on the Claude Code\/OpenCode\/Codex\/OpenClaw bandwagon, but I had some time last week so I asked Claude to review (\/security-review) some of my python scripts. He found more than I&#8217;d like to admit, so I checked in a bunch of updates. In reviewing his suggestions, he was right, I made [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/23\/tool-updates-lots-of-security-and-logic-fixes-mon-mar-23rd\/\" \/>\n<meta property=\"og:site_name\" content=\"Imperative Business Ventures Limited\" \/>\n<meta property=\"article:published_time\" content=\"2026-03-23T22:03:55+00:00\" \/>\n<meta name=\"author\" content=\"admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/23\/tool-updates-lots-of-security-and-logic-fixes-mon-mar-23rd\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/23\/tool-updates-lots-of-security-and-logic-fixes-mon-mar-23rd\/\"},\"author\":{\"name\":\"admin\",\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02\"},\"headline\":\"Tool updates: lots of security and logic fixes, (Mon, Mar 23rd)\",\"datePublished\":\"2026-03-23T22:03:55+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/23\/tool-updates-lots-of-security-and-logic-fixes-mon-mar-23rd\/\"},\"wordCount\":480,\"keywords\":[\"Cybersecurity\"],\"articleSection\":[\"Cybersecurity\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/23\/tool-updates-lots-of-security-and-logic-fixes-mon-mar-23rd\/\",\"url\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/23\/tool-updates-lots-of-security-and-logic-fixes-mon-mar-23rd\/\",\"name\":\"Tool updates: lots of security and logic fixes, (Mon, Mar 23rd) - Imperative Business Ventures Limited\",\"isPartOf\":{\"@id\":\"https:\/\/blog.ibvl.in\/#website\"},\"datePublished\":\"2026-03-23T22:03:55+00:00\",\"author\":{\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02\"},\"breadcrumb\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/23\/tool-updates-lots-of-security-and-logic-fixes-mon-mar-23rd\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/23\/tool-updates-lots-of-security-and-logic-fixes-mon-mar-23rd\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/23\/tool-updates-lots-of-security-and-logic-fixes-mon-mar-23rd\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/blog.ibvl.in\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Tool updates: lots of security and logic fixes, (Mon, Mar 23rd)\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/blog.ibvl.in\/#website\",\"url\":\"https:\/\/blog.ibvl.in\/\",\"name\":\"Imperative Business Ventures Limited\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/blog.ibvl.in\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g\",\"caption\":\"admin\"},\"sameAs\":[\"https:\/\/blog.ibvl.in\"],\"url\":\"https:\/\/blog.ibvl.in\/index.php\/author\/admin_hcbs9yw6\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Tool updates: lots of security and logic fixes, (Mon, Mar 23rd) - Imperative Business Ventures Limited","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/23\/tool-updates-lots-of-security-and-logic-fixes-mon-mar-23rd\/","og_locale":"en_US","og_type":"article","og_title":"Tool updates: lots of security and logic fixes, (Mon, Mar 23rd) - Imperative Business Ventures Limited","og_description":"So, I&#8217;ve been slow to get on the Claude Code\/OpenCode\/Codex\/OpenClaw bandwagon, but I had some time last week so I asked Claude to review (\/security-review) some of my python scripts. He found more than I&#8217;d like to admit, so I checked in a bunch of updates. In reviewing his suggestions, he was right, I made [&hellip;]","og_url":"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/23\/tool-updates-lots-of-security-and-logic-fixes-mon-mar-23rd\/","og_site_name":"Imperative Business Ventures Limited","article_published_time":"2026-03-23T22:03:55+00:00","author":"admin","twitter_card":"summary_large_image","twitter_misc":{"Written by":"admin","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/23\/tool-updates-lots-of-security-and-logic-fixes-mon-mar-23rd\/#article","isPartOf":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/23\/tool-updates-lots-of-security-and-logic-fixes-mon-mar-23rd\/"},"author":{"name":"admin","@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02"},"headline":"Tool updates: lots of security and logic fixes, (Mon, Mar 23rd)","datePublished":"2026-03-23T22:03:55+00:00","mainEntityOfPage":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/23\/tool-updates-lots-of-security-and-logic-fixes-mon-mar-23rd\/"},"wordCount":480,"keywords":["Cybersecurity"],"articleSection":["Cybersecurity"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/23\/tool-updates-lots-of-security-and-logic-fixes-mon-mar-23rd\/","url":"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/23\/tool-updates-lots-of-security-and-logic-fixes-mon-mar-23rd\/","name":"Tool updates: lots of security and logic fixes, (Mon, Mar 23rd) - Imperative Business Ventures Limited","isPartOf":{"@id":"https:\/\/blog.ibvl.in\/#website"},"datePublished":"2026-03-23T22:03:55+00:00","author":{"@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02"},"breadcrumb":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/23\/tool-updates-lots-of-security-and-logic-fixes-mon-mar-23rd\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blog.ibvl.in\/index.php\/2026\/03\/23\/tool-updates-lots-of-security-and-logic-fixes-mon-mar-23rd\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/23\/tool-updates-lots-of-security-and-logic-fixes-mon-mar-23rd\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/blog.ibvl.in\/"},{"@type":"ListItem","position":2,"name":"Tool updates: lots of security and logic fixes, (Mon, Mar 23rd)"}]},{"@type":"WebSite","@id":"https:\/\/blog.ibvl.in\/#website","url":"https:\/\/blog.ibvl.in\/","name":"Imperative Business Ventures Limited","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/blog.ibvl.in\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02","name":"admin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g","caption":"admin"},"sameAs":["https:\/\/blog.ibvl.in"],"url":"https:\/\/blog.ibvl.in\/index.php\/author\/admin_hcbs9yw6\/"}]}},"_links":{"self":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/posts\/2083","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/comments?post=2083"}],"version-history":[{"count":0,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/posts\/2083\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/media?parent=2083"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/categories?post=2083"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/tags?post=2083"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}