Roo Code .rooignore Symlink Bypass Vulnerability Allowing Unintended File Disclosure
Vulnerability
A vulnerability in Roo Code's AI-powered coding extension, in versions prior to 3.26.0, allows .rooignore protections to be bypassed using symlinks. This issue enables an attacker with write access to the workspace to manipulate the extension into reading files that should have been excluded, potentially exposing sensitive information such as .env files or other configuration details. The vulnerability arises from the extension's failure to properly validate symlinked paths against ignore rules, creating a time-of-check-to-time-of-use (TOCTOU) vulnerability.
Impact
Exploitation of this vulnerability could lead to unauthorized access to sensitive information, including secrets and configuration details, by bypassing .rooignore exclusions.
Reproduction
To reproduce this vulnerability, create a symlink that points to a file intended to be excluded by the .rooignore rules. Place this symlink in a location where the Roo Code extension will follow it, such as within the workspace. The extension will read the file through the symlink, bypassing the .rooignore protections and potentially exposing sensitive information.
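The path-resolution check a defender would want here, as an added illustration that is not Roo Code's own code: the minimal ignore matcher, `allowedNaive`, `allowedResolved` and `demo` are hypothetical stand-ins, and the workspace they operate on is constructed in a temp directory.

```typescript
import * as fs from "fs";
import * as os from "os";
import * as path from "path";

// Minimal stand-in for .rooignore matching (hypothetical, not Roo Code's matcher):
// a rule matches when it equals the workspace-relative path or its basename.
function isIgnored(rules: string[], relPath: string): boolean {
  const norm = relPath.split(path.sep).join("/");
  return rules.some((r) => r === norm || r === path.posix.basename(norm));
}

// Vulnerable pattern: ignore rules are matched against the path as requested,
// so a symlink named "notes.txt" that points at ".env" is never ignored.
function allowedNaive(rules: string[], rel: string): boolean {
  return !isIgnored(rules, rel);
}

// Hardened pattern: resolve the real path first (following symlinks), confine it
// to the workspace, then match ignore rules against the resolved relative path.
// Caveat: resolve-then-read still leaves a small TOCTOU window; the reader
// should open the resolved path and fstat it rather than re-open by name.
function allowedResolved(root: string, rules: string[], rel: string): boolean {
  const realRoot = fs.realpathSync(root);
  let real: string;
  try { real = fs.realpathSync(path.join(root, rel)); } catch { return false; }
  const inside = path.relative(realRoot, real);
  if (path.isAbsolute(inside) || inside === ".." || inside.startsWith(".." + path.sep)) {
    return false; // resolved target escapes the workspace
  }
  return !isIgnored(rules, inside);
}

// Constructed workspace: a secret .env, a rule excluding it, a harmless README,
// and a symlink alias for .env. Returns what each check would permit.
function demo(): { naive: boolean; resolved: boolean; readme: boolean } {
  const root = fs.mkdtempSync(path.join(os.tmpdir(), "rooignore-"));
  fs.writeFileSync(path.join(root, ".env"), "API_KEY=constructed-sample\n");
  fs.writeFileSync(path.join(root, "README.md"), "# constructed sample\n");
  fs.symlinkSync(path.join(root, ".env"), path.join(root, "notes.txt"));
  const rules = [".env"];
  const result = {
    naive: allowedNaive(rules, "notes.txt"),            // true: bypassed
    resolved: allowedResolved(root, rules, "notes.txt"), // false: blocked
    readme: allowedResolved(root, rules, "README.md"),   // true: still readable
  };
  fs.rmSync(root, { recursive: true, force: true });
  return result;
}
```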
Remediation
Users can update to Roo Code version 3.26.0 or later, where this vulnerability has been fixed. Instructions for downloading the latest version are available on the Roo Code GitHub Releases page.