Improved security audit trail for attempted container privilege escalation: - Added detailed logging when containers attempt privileged methods - Logs UID, GID, PID, correlation ID, and method name - Marked with "SECURITY:" prefix for easy filtering/alerting - Helps operators detect and investigate compromise attempts Example log output: SECURITY: Container attempted to call privileged method - access denied method=ensure_cluster_keys uid=101000 gid=101000 pid=12345 Addresses Codex recommendation for comprehensive logging of denied privileged RPCs to enable monitoring and alerting on attempted abuse. |
||
|---|---|---|
| .. | ||
| auth.go | ||
| auth_test.go | ||
| cleanup.go | ||
| config.go | ||
| main.go | ||
| metrics.go | ||
| ssh.go | ||
| throttle.go | ||
| validation.go | ||