|
|
|
|
|
|
by nknutalapati
111 days ago
|
|
|
Solid proxy architecture. The deny-by-default YAML policy engine is the right call. One question on the audit side: decisions are logged to SQLite — is that log tamper-evident? If an operator or admin modifies a row after the fact, is there a mechanism to detect it, or does verification depend on the SQLite file being unaltered? Asking because in regulated environments, the first thing auditors challenge is whether the log itself can be trusted independently. |
|
|