coulomb/net-kingdom
2
0
Fork 0
generated from coulomb/repo-seed
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
14 Commits 1 Branch 0 Tags
e7bafd69fcdefaa500e0d14777aa9b833138e087
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
tegwick e7bafd69fc feat(local-identity): Stage 4 — security hardening (NK-WP-0002-T04) 
Permission enforcement on startup: enforce_permissions() checks store dir
(700), user files (600), signing key, TLS key, audit.log, revoked.json.
CLI and run_server() call it before any sensitive operation.

New modules:
  security.py  check_store(), enforce_permissions(), print_security_check()
  audit.py     log_event() — append-only TSV audit log (mode 600)
  revoke.py    revoke(jti), is_revoked(jti) — revocation list (mode 600)

New CLI commands:
  security-check          Print per-check pass/warn/fail report; exit 1 on failure
  revoke-token <jti|jwt>  Add JTI to revocation list; accepts raw JTI or full JWT

Serve integration:
  Audit log written for auth request, token issuance, and userinfo calls
  Revocation checked at /userinfo; revoked tokens return 401

Docs: security model section in LocalIdentity.md — threat model,
assumptions, non-guarantees, SELinux/AppArmor guidance, revocation usage.

138 tests passing (34 new for Stage 4).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-02 08:06:56 +01:00
docs
feat(local-identity): Stage 4 — security hardening (NK-WP-0002-T04)
2026-03-02 08:06:56 +01:00
local-identity
feat(local-identity): Stage 4 — security hardening (NK-WP-0002-T04)
2026-03-02 08:06:56 +01:00
wiki
Add CLAUDE.md, wiki protoplans, and NK-WP-0001 workplan
2026-02-28 17:21:51 +01:00
workplans
feat(local-identity): Stage 4 — security hardening (NK-WP-0002-T04)
2026-03-02 08:06:56 +01:00
.gitignore
Initial commit
2026-02-28 09:41:41 +00:00
CLAUDE.md
Add CLAUDE.md, wiki protoplans, and NK-WP-0001 workplan
2026-02-28 17:21:51 +01:00
DECISIONS.md
docs(decisions): record D4 (ESO) and D5 (local-identity in-repo)
2026-03-02 01:06:58 +01:00
LICENSE
Initial commit
2026-02-28 09:41:41 +00:00
README.md
Add CLAUDE.md, wiki protoplans, and NK-WP-0001 workplan
2026-02-28 17:21:51 +01:00

README.md

NetKingdom

NetKingdom provides a dynamic self optimizing full circle security-platform for kubernetes deployed IT-infrastructures.

Reference in New Issue View Git Blame Copy Permalink
Description
Open security core for dev sec ops on kubernetes
Readme MIT-0 4.3 MiB
Languages
Python 61.7%
Shell 35.5%
Makefile 2.8%