Pulse/cmd
rcourtman 7d2a2bd978 Fix security regression: use localhost-only fallback instead of permissive mode
Codex independent review identified a critical security issue: when cluster
validation fails, the previous fix fell back to permissive mode (allowing
ALL nodes), making the proxy a potential SSRF/network scanner for any
container that could reach the socket.

NEW BEHAVIOR:
When cluster validation is unavailable (IPC blocked), fall back to
localhost-only validation instead of permissive mode. This maintains
security while still allowing self-monitoring.

Implementation:
- Added validateAsLocalhost() method to nodeValidator
- Calls discoverLocalHostAddresses() to get local IPs/hostnames
- Only allows requests matching the local host
- Blocks requests to other cluster members or arbitrary hosts

Test results on delly (clustered node with IPC blocked):
- Request to 192.168.0.5 (self): ALLOWED, temps fetched
- Request to 192.168.0.134 (cluster peer): BLOCKED with node_not_localhost
- No more "allowing all nodes" security regression

Related to #571 - addresses Codex security audit feedback

This prevents the proxy from being abused as a network scanner while
still solving the original temperature monitoring issue.
2025-11-13 14:15:51 +00:00
hashpw Add hashpw utility for generating password hashes 2025-11-06 16:46:56 +00:00
pulse Fix bootstrap-token command to use correct env var and default path 2025-11-09 23:46:41 +00:00
pulse-docker-agent Add OCI labels to Docker images and --version flag to docker-agent 2025-11-11 11:52:20 +00:00
pulse-host-agent Refactor: Code cleanup and localStorage consolidation 2025-11-04 21:50:46 +00:00
pulse-sensor-proxy Fix security regression: use localhost-only fallback instead of permissive mode 2025-11-13 14:15:51 +00:00