Pulse/cmd/pulse-sensor-proxy
rcourtman 1519390f08 security: enhance logging for denied privileged method calls
Improved security audit trail for attempted container privilege escalation:

- Added detailed logging when containers attempt privileged methods
- Logs UID, GID, PID, correlation ID, and method name
- Marked with "SECURITY:" prefix for easy filtering/alerting
- Helps operators detect and investigate compromise attempts

Example log output:
  SECURITY: Container attempted to call privileged method - access denied
  method=ensure_cluster_keys uid=101000 gid=101000 pid=12345

Addresses Codex recommendation for comprehensive logging of denied
privileged RPCs to enable monitoring and alerting on attempted abuse.
2025-10-19 16:40:42 +00:00
..
auth.go Automate sensor proxy container mount and auth 2025-10-14 12:41:48 +00:00
auth_test.go Automate sensor proxy container mount and auth 2025-10-14 12:41:48 +00:00
cleanup.go feat: add comprehensive node cleanup system 2025-10-17 18:53:45 +00:00
config.go Automate sensor proxy container mount and auth 2025-10-14 12:41:48 +00:00
main.go security: enhance logging for denied privileged method calls 2025-10-19 16:40:42 +00:00
metrics.go refactor: Rename pulse-temp-proxy to pulse-sensor-proxy 2025-10-13 13:17:05 +00:00
ssh.go feat: add comprehensive node cleanup system 2025-10-17 18:53:45 +00:00
throttle.go refactor: Rename pulse-temp-proxy to pulse-sensor-proxy 2025-10-13 13:17:05 +00:00
validation.go security: fix SSH command injection vulnerabilities in pulse-sensor-proxy 2025-10-19 16:28:38 +00:00