Skip to content

feat: delegation chains, session tracking, audit CLI, CE rules (v0.13.0)#81

Merged
garagon merged 6 commits intomainfrom
feat/v0.13.0-pipeline-audit-rules
Mar 24, 2026
Merged

feat: delegation chains, session tracking, audit CLI, CE rules (v0.13.0)#81
garagon merged 6 commits intomainfrom
feat/v0.13.0-pipeline-audit-rules

Conversation

@garagon
Copy link
Copy Markdown
Contributor

@garagon garagon commented Mar 24, 2026

Summary

  • Delegation chain enforcement: Verifies X-Oktsec-Delegation header in pipeline (stage 2.5). Ed25519 signature, scope, expiry, depth validation. Invalid chains always rejected. Optional via require_delegation config (default false, backwards compatible)
  • Session tracking: Auto-generates per-agent session IDs with 30-min TTL. Metadata enrichment only, never rejects. Supports explicit X-Oktsec-Session header
  • oktsec audit verify-chain: Offline CLI verification of tamper-evident audit chain. Opens SQLite directly, verifies SHA-256 hashes + Ed25519 signatures. Exit codes: 0=valid, 1=broken, 2=error
  • Dashboard audit signatures: Loads proxy public key, displays signature verification status (green/yellow/red badge). Graceful fallback if key missing
  • 14 new detection rules: 12 CE- (container escape recon/exploit patterns from SandboxEscapeBench) + 2 IAP (vulnerability knowledge transfer). Total: 244 rules

Breaking changes

None. All new features are additive:

  • require_delegation defaults to false (no enforcement unless explicitly enabled)
  • Session tracking is metadata-only, never rejects
  • New CLI subcommand, existing oktsec audit unchanged
  • Dashboard falls back gracefully without proxy key
  • CE-009 uses match_mode:all (requires insmod/modprobe + suspicious path indicator)

Test plan

  • make build && make test && make lint && make vet all pass
  • Delegation: 6 handler tests (valid chain, expired, invalid sig, scope violation, required/not required)
  • Sessions: 10 tests (resolve, TTL, concurrent access, handler integration)
  • CLI verify-chain: 9 tests (valid, empty, wrong key, JSON output)
  • CE/IAP rules: engine tests pass with new rules loaded
  • CE-009 verified not to trigger on legitimate modprobe nf_tables
  • Manual: verify dashboard audit page with proxy key present/absent

garagon added 6 commits March 24, 2026 12:21
@garagon
feat: enforce delegation chains and session tracking in pipeline
f5800b0 
Delegation chain verification (stage 2.5): parses X-Oktsec-Delegation
header, verifies Ed25519 signatures, scope, expiry, and chain depth.
Invalid chains always rejected (403). Optional via require_delegation
config (default false).

Auto session tracking: resolves or creates session IDs per agent with
30-min TTL. Metadata enrichment only, never rejects. Supports explicit
X-Oktsec-Session header override.
@garagon
feat: in-memory session store with TTL eviction
48fdac6 
Thread-safe session store for auto-generating per-agent session IDs.
30-min idle TTL, background eviction every 60s, crypto/rand UUIDs.
10 tests including concurrent access and handler integration.
@garagon
feat: add audit verify-chain CLI subcommand
9923d9a 
Offline verification of the tamper-evident audit chain. Opens SQLite
directly, verifies SHA-256 hash chain and optional Ed25519 signatures.
Supports --db, --key, --limit, --json flags. Exit codes: 0=valid,
1=broken, 2=error. 9 tests.
@garagon
feat: display signature verification on dashboard audit page
884d2a7 
Load proxy public key and pass to VerifyChain for full signature
verification. Shows green badge when chain + signatures valid, yellow
when chain valid but no proxy key, red when broken. Graceful fallback
if proxy.pub missing.
@garagon
feat: add 14 detection rules for container escape and vuln transfer
1230fde 
12 CE- rules (container escape): Docker socket probe, capability enum,
host filesystem probe, cgroup escape, namespace escape, runc exploit,
eBPF exploitation, kernel memory exploits, Docker API abuse, and more.

2 IAP rules (vuln knowledge transfer): CVE+exploit keyword detection
and container escape instruction detection. Both use match_mode:all
to require multiple signals.

Total rules: 244 (230 + 14 new).
@garagon
fix: add sleep before Flush in session handler tests for CI stability
fd26d47 
Audit writes are async (batched via channel). On slower CI machines
the handler goroutine may not have enqueued the entry before Flush
polls the channel. Add 50ms sleep before Flush calls to prevent
flaky failures.
@garagon garagon merged commit e88e9e3 into main Mar 24, 2026
1 check passed
@garagon garagon deleted the feat/v0.13.0-pipeline-audit-rules branch March 24, 2026 15:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@garagon