mirror of
https://github.com/rcourtman/Pulse.git
synced 2026-04-28 03:20:11 +00:00
524f42cc28
Implements comprehensive security hardening for pulse-sensor-proxy: - Privilege drop from root to unprivileged user (UID 995) - Hash-chained tamper-evident audit logging with remote forwarding - Per-UID rate limiting (0.2 QPS, burst 2) with concurrency caps - Enhanced command validation with 10+ attack pattern tests - Fuzz testing (7M+ executions, 0 crashes) - SSH hardening, AppArmor/seccomp profiles, operational runbooks All 27 Phase 1 tasks complete. Ready for production deployment. |
||
|---|---|---|
| .. | ||
| audit.go | ||
| audit_test.go | ||
| auth.go | ||
| auth_test.go | ||
| cleanup.go | ||
| config.go | ||
| main.go | ||
| main_test.go | ||
| metrics.go | ||
| ssh.go | ||
| ssh_test.go | ||
| throttle.go | ||
| throttle_test.go | ||
| validation.go | ||
| validation_fuzz_test.go | ||
| validation_test.go | ||