Implements comprehensive security hardening for pulse-sensor-proxy: - Privilege drop from root to unprivileged user (UID 995) - Hash-chained tamper-evident audit logging with remote forwarding - Per-UID rate limiting (0.2 QPS, burst 2) with concurrency caps - Enhanced command validation with 10+ attack pattern tests - Fuzz testing (7M+ executions, 0 crashes) - SSH hardening, AppArmor/seccomp profiles, operational runbooks All 27 Phase 1 tasks complete. Ready for production deployment.
43 lines
1.1 KiB
Go
43 lines
1.1 KiB
Go
package main
|
|
|
|
import (
|
|
"testing"
|
|
"time"
|
|
)
|
|
|
|
func TestRateLimiterPenalizeMetrics(t *testing.T) {
|
|
metrics := NewProxyMetrics("test")
|
|
rl := newRateLimiter(metrics)
|
|
rl.policy.penaltyDuration = 10 * time.Millisecond
|
|
|
|
start := time.Now()
|
|
rl.penalize(peerID{uid: 42}, "invalid_json")
|
|
if time.Since(start) < rl.policy.penaltyDuration {
|
|
t.Fatalf("expected penalize to sleep at least %v", rl.policy.penaltyDuration)
|
|
}
|
|
|
|
mf, err := metrics.registry.Gather()
|
|
if err != nil {
|
|
t.Fatalf("gather metrics: %v", err)
|
|
}
|
|
|
|
found := false
|
|
for _, fam := range mf {
|
|
if fam.GetName() != "pulse_proxy_limiter_penalties_total" {
|
|
continue
|
|
}
|
|
for _, metric := range fam.GetMetric() {
|
|
if metric.GetCounter().GetValue() == 0 {
|
|
continue
|
|
}
|
|
for _, label := range metric.GetLabel() {
|
|
if label.GetName() == "reason" && label.GetValue() == "invalid_json" {
|
|
found = true
|
|
}
|
|
}
|
|
}
|
|
}
|
|
if !found {
|
|
t.Fatalf("expected limiter penalty metric for invalid_json")
|
|
}
|
|
}
|