fix(security): resolve symlink write-guard bypass on Python 3.10

src/gaia/security.py

@@ -410,8 +410,11 @@ def is_write_blocked(self, path: str) -> Tuple[bool, str]:
             Tuple of (is_blocked, reason). If blocked, reason explains why.
         """
         try:
-            real_path = Path(os.path.realpath(path)).resolve()
-            real_path_str = str(real_path)
+            # Use os.path.realpath exclusively for symlink resolution — do NOT
+            # chain Path.resolve(), which re-resolves on Python <3.12 via a
+            # separate code path and can disagree with realpath.
+            real_path_str = os.path.realpath(path)
+            real_path = Path(real_path_str)
             # Apply macOS /private normalization so /etc, /var/run, etc. match
             # the BLOCKED_DIRECTORIES entries (they're stored unprefixed).
             norm_path = os.path.normpath(_normalize_macos_symlinks(real_path_str))

tests/unit/test_security_edge_cases.py

@@ -344,12 +344,10 @@ def test_exception_during_path_resolution_returns_blocked(self, validator):
         assert is_blocked is True
         assert "unable to validate" in reason.lower()
 
-    def test_exception_from_path_resolve_returns_blocked(self, validator):
-        """When Path.resolve() raises, is_write_blocked returns (True, reason)."""
+    def test_exception_from_path_construction_returns_blocked(self, validator):
+        """When path construction raises, is_write_blocked returns (True, reason)."""
         with patch("os.path.realpath", return_value="/tmp/test.txt"):
-            with patch.object(
-                Path, "resolve", side_effect=RuntimeError("Resolve failed")
-            ):
+            with patch("os.path.normpath", side_effect=RuntimeError("Normpath failed")):
                 is_blocked, reason = validator.is_write_blocked("/tmp/test.txt")
 
         assert is_blocked is True