fix: add system UID range validation to prevent privilege escalation

[Copilot]

UID/GID validation in getSafeHostUid() and getSafeHostGid() didn't reject system UIDs (0-999), potentially allowing container user mappings with unintended privileges.

Changes

• Add MIN_REGULAR_UID constant (1000) as the threshold for regular users
• Add validateIdNotInSystemRange() that falls back to 1000 for any system UID/GID
• Update both getSafeHostUid() and getSafeHostGid() to validate all sources (process.getuid/getgid() and SUDO_UID/SUDO_GID)
• Add 15 unit tests covering system/regular UID scenarios

Example

// Before: system UID 13 (proxy user) would be used as-is
process.getuid = () => 13;
getSafeHostUid(); // returned "13"

// After: system UIDs fall back to 1000
process.getuid = () => 13;
getSafeHostUid(); // returns "1000"

Original prompt

---

This section details on the original issue you should resolve

<issue_title>[Security] UID/GID validation lacks system UID range checking</issue_title>
<issue_description>## Priority
Low

Description

The current UID/GID validation doesn't check against system UID ranges. This could allow using system UIDs (typically 0-999) which may have unintended privileges.

Impact

• Severity: Low
• Attack Vector: Using system UIDs could bypass some security checks
• Risk: Privilege escalation via system UID usage

Proposed Solution

Add validation to reject system UID ranges:

// Reject UIDs 0-999 (system range on most Linux distributions)
if (uid < 1000) {
  throw new Error('UID must be >= 1000 (system UIDs not allowed)');
}

Effort Estimate

~1 hour

References

• Source: Daily Security Review Discussion [Security Review] Daily Security Review - January 16, 2026 #228
• Location: UID/GID validation logic</issue_description>

Comments on the Issue (you are @copilot in this section)

• Fixes [Security] UID/GID validation lacks system UID range checking #253

---

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

[github-actions]

✅ Coverage Check Passed

Overall Coverage

Metric	Base	PR	Delta
Lines	77.19%	77.81%	📈 +0.62%
Statements	77.27%	77.88%	📈 +0.61%
Functions	77.17%	77.29%	📈 +0.12%
Branches	69.76%	70.96%	📈 +1.20%

📁 Per-file Coverage Changes (1 files)

File	Lines (Before → After)	Statements (Before → After)
src/docker-manager.ts	75.9% → 79.1% (+3.27%)	75.2% → 78.4% (+3.18%)

---

Coverage comparison generated by scripts/ci/compare-coverage.ts

[github-actions]

🎬 THE END — Smoke Claude MISSION: ACCOMPLISHED! The hero saves the day! ✨

[github-actions]

🌑 The shadows whisper... Smoke Codex failed. The oracle requires further meditation...

[github-actions]

📰 VERDICT: Smoke Copilot has concluded. All systems operational. This is a developing story. 🎤

[github-actions]

Smoke Test Results

Last 2 merged PRs:

• chore: delete existing firewall tests and migrate smoke tests #229: chore: delete existing firewall tests and migrate smoke tests
• feat(ci): add coverage regression detection #244: feat(ci): add coverage regression detection

Test Results:

• ✅ GitHub MCP: Retrieved PRs successfully
• ✅ Playwright: Page title contains "GitHub"
• ✅ File Write: Created test file
• ✅ Bash: Verified file contents

Status: PASS

AI generated by Smoke Claude

[github-actions]

Smoke Test Results

Last 2 Merged PRs:

• chore: delete existing firewall tests and migrate smoke tests #229: chore: delete existing firewall tests and migrate smoke tests
• feat(ci): add coverage regression detection #244: feat(ci): add coverage regression detection

Test Results:

• ✅ GitHub MCP: Successfully retrieved PR data
• ✅ Playwright: Page title verified (contains "GitHub")
• ✅ File Writing: Created /tmp/gh-aw/agent/smoke-test-copilot-21092098430.txt
• ✅ Bash Tool: File verified with content "Smoke test passed for Copilot at Sat Jan 17 09:26:32 UTC 2026"

Overall Status: PASS 🎉

cc: @Mossaka

AI generated by Smoke Copilot

[github-actions]

📰 VERDICT: Smoke Copilot has concluded. All systems operational. This is a developing story. 🎤

[github-actions]

🌑 The shadows whisper... Smoke Codex failed. The oracle requires further meditation...

[github-actions]

🎬 THE END — Smoke Claude MISSION: ACCOMPLISHED! The hero saves the day! ✨

[github-actions]

Smoke Test Results

Last 2 Merged PRs:

• ci: add agentic documentation preview workflow with Playwright #246: ci: add agentic documentation preview workflow with Playwright
• feat: port plan workflow from gh-aw repository #230: feat: port plan workflow from gh-aw repository

Test Results:

• ✅ GitHub MCP - Retrieved PRs successfully
• ✅ Playwright - Navigated to GitHub, page title verified
• ✅ File Writing - Created test file
• ✅ Bash Tool - Verified file contents

Status: PASS

AI generated by Smoke Claude

[github-actions]

Smoke Test Results

Last 2 Merged PRs:

• feat: port plan workflow from gh-aw repository #230: feat: port plan workflow from gh-aw repository
• ci: pin GitHub Actions to commit SHAs for supply chain security #266: ci: pin GitHub Actions to commit SHAs for supply chain security

Test Results:

• ✅ GitHub MCP: Retrieved PR data successfully
• ❌ Playwright: Browser installation timeout
• ✅ File Write: Created /tmp/gh-aw/agent/smoke-test-copilot-21092323162.txt
• ✅ Bash Tool: Verified file content

Status: FAIL (Playwright test failed)

cc: @Mossaka

AI generated by Smoke Copilot