Improved security audit trail for attempted container privilege escalation: - Added detailed logging when containers attempt privileged methods - Logs UID, GID, PID, correlation ID, and method name - Marked with "SECURITY:" prefix for easy filtering/alerting - Helps operators detect and investigate compromise attempts Example log output: SECURITY: Container attempted to call privileged method - access denied method=ensure_cluster_keys uid=101000 gid=101000 pid=12345 Addresses Codex recommendation for comprehensive logging of denied privileged RPCs to enable monitoring and alerting on attempted abuse. |
||
|---|---|---|
| .. | ||
| pulse | ||
| pulse-docker-agent | ||
| pulse-sensor-proxy | ||