fetch_ml/internal/fileutil/secure_unix.go at a981e890053f066109e3fae207c81a71b2a53729 - jfraeysd/fetch_ml - Forgejo: Beyond coding. We Forge.

jfraeysd/fetch_ml

Jeremie Fraeys a981e89005

feat(security): add audit subsystem and tenant isolation

Implement comprehensive audit and security infrastructure:
- Immutable audit logs with platform-specific backends (Linux/Other)
- Sealed log entries with tamper-evident checksums
- Audit alert system for real-time security notifications
- Log rotation with retention policies
- Checkpoint-based audit verification

Add multi-tenant security features:
- Tenant manager with quota enforcement
- Middleware for tenant authentication/authorization
- Per-tenant cryptographic key isolation
- Supply chain security for container verification
- Cross-platform secure file utilities (Unix/Windows)

Add test coverage:
- Unit tests for audit alerts and sealed logs
- Platform-specific audit backend tests

2026-02-26 12:03:45 -05:00

10 lines

221 B

Go

Raw Blame History

 //go:build !windows
 // +build !windows
 package fileutil
 import "syscall"
 // o_NOFOLLOW prevents open from following symlinks.
 // Available on Linux, macOS, and other Unix systems.
 const o_NOFOLLOW = syscall.O_NOFOLLOW