lfg2025/archy
1
0
Fork 0
Code Issues 9 Pull Requests Actions Packages Projects Releases 44 Wiki Activity
archy/loop/pentest/report.md
Dorian 39c7ac1924 feat: rootless podman, session hardening, boot stability, sidebar fix 
Rootless podman migration (TASK-11):
- Remove sudo from all podman calls in PodmanClient + 8 backend files
- Remove sudo from all podman/docker calls in deploy script
- Restore full systemd security hardening: NoNewPrivileges,
  RestrictAddressFamilies, MemoryDenyWriteExecute, RestrictRealtime,
  RestrictNamespaces, RestrictSUIDSGID, SystemCallFilter, ProtectSystem=strict
- Enable loginctl linger for rootless container persistence
- Remove Ollama from auto-deploy (marketplace-only)

Session & auth hardening:
- Increase MAX_CONCURRENT_SESSIONS 20→50 (prevents eviction storms)
- Debounced 401 redirect in rpc-client.ts (prevents redirect storms)

Boot stability:
- optimize-debian.sh: adds chrony, swap, removes policy-rc.d
- deploy script: pre-restart chrony + swap setup
- ISO build: chrony package, swap file creation
- BootScreen: no longer clears localStorage (prevents splash replay)
- RootRedirect: sole owner of localStorage clearing on server ready

UI fixes:
- Sidebar opacity default changed from 0→visible (fixes missing sidebar
  after page-persistence login without entrance animation)
- Console.log/error wrapped in import.meta.env.DEV guards
- Remove unused route import from RootRedirect

Beta tracking:
- CLAUDE.md: beta freeze protocol added
- MASTER_PLAN.md: TASK-11, TASK-17, phase structure
- BETA-PROGRESS.md: initial tracking doc
- Tagged v1.2.0-alpha.1 as pre-rootless baseline

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-18 13:53:27 +00:00

1020 B
Raw Blame History

Report written to loop/pentest/security-assessment-report.md.

Summary: 27 findings (8 Critical, 10 High, 6 Medium, 3 Low)

The report includes:

  • Executive summary with overall CRITICAL rating and top 3 recommendations
  • Scope and methodology covering nmap, source review, and live exploitation
  • Full findings table — 21 exploitation-confirmed + 6 recon-confirmed
  • Detailed findings — each with evidence (curl commands + responses), impact, and OWASP mapping
  • Critical attack chain — 7-step full compromise from any LAN device, zero auth
  • Prioritized recommendations — 20 remediation items across P0/P1/P2
  • Positive security controls — bcrypt, TOTP, session tokens, container security noted
  • Appendices — port inventory, container list, root cause tree, OWASP mapping, non-exploitable exclusions

The root cause is AUTH-001 (no session management). Fixing it addresses 15 of 27 findings. Combined with credential lockdown and port binding, 23 of 27 are resolved.