Summary
Provide a reproducible local multi-operator test bench for offensive testing. The audit passes under #178 exercised tenancy and authz through the source plus the automated multi-tenant test suite (tenant_scope_test, scoping_boundary_test, *_authz_test, scoping_property_test), but there is no documented live bench to run manual attacks against.
Scope
A scripted bench (Makefile target / docker-compose / shell script) that stands up:
- the mgmt server with a known master key,
- 2+ operators, each with their own CA(s) and networks,
- a few hosts per network (enrolled + pending + blocked),
and documents how to drive manual offensive checks against it: auth bypass, IDOR / cross-tenant reads, enrollment-token reuse, certificate-issuance abuse, poll host-spoofing.
Why
Lowers the cost of re-running the offensive objectives (1–4 in #178) on each release and lets contributors reproduce findings locally.
Part of #178 (checklist: Local multi-operator test bench).
Summary
Provide a reproducible local multi-operator test bench for offensive testing. The audit passes under #178 exercised tenancy and authz through the source plus the automated multi-tenant test suite (
tenant_scope_test,scoping_boundary_test,*_authz_test,scoping_property_test), but there is no documented live bench to run manual attacks against.Scope
A scripted bench (Makefile target / docker-compose / shell script) that stands up:
and documents how to drive manual offensive checks against it: auth bypass, IDOR / cross-tenant reads, enrollment-token reuse, certificate-issuance abuse, poll host-spoofing.
Why
Lowers the cost of re-running the offensive objectives (1–4 in #178) on each release and lets contributors reproduce findings locally.
Part of #178 (checklist: Local multi-operator test bench).