Skip to content

fix: scope postgres memory and reminder identity by tenant#7

Open
NeerajCodz wants to merge 1 commit into
mainfrom
codex/fix-tenant-global-memory-id-vulnerability
Open

fix: scope postgres memory and reminder identity by tenant#7
NeerajCodz wants to merge 1 commit into
mainfrom
codex/fix-tenant-global-memory-id-vulnerability

Conversation

@NeerajCodz

@NeerajCodz NeerajCodz commented May 4, 2026

Copy link
Copy Markdown
Contributor

Motivation

  • The production PostgreSQL migration defined nextral_memories.id as a global PRIMARY KEY and nextral_reminders referenced memories and dedupe keys globally, enabling cross-tenant ID collisions and overwrite or denial-of-service.

Description

  • Modify migrations/postgres/0001_core_schema.sql to make nextral_memories use a composite primary key PRIMARY KEY (tenant_id, id) while preserving the id column.
  • Update nextral_reminders to reference memories with a tenant-scoped foreign key FOREIGN KEY (tenant_id, source_memory_id) REFERENCES nextral_memories(tenant_id, id).
  • Replace global reminder deduplication with tenant-scoped uniqueness via UNIQUE (tenant_id, dedupe_key), keeping other columns and semantics unchanged.

Testing

  • Existing project tests (cargo test) were run previously during validation and passed; the change is a schema-only migration and did not break the test suite.

Codex Task

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

aardvark codex

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@NeerajCodz