Add new detection rules, fix fork tracking, harden dashboard security

New detection rules:
- Blocked paths: .netrc, .npmrc, .pypirc, .docker/config.json (PATH-LIN-014–018, PATH-MAC-021–025)
- Blocked executable: mkfs (BIN-028)
- Deny rules: dd disk destruction (LIN-050), argv-based sensitive file alerting for .env, .pem, .key, .p12, .pfx, credentials.json, secrets.yaml/json, tokens.json (LIN-051–057)

eBPF fix:
- Fix fork TGID mismatch in sched_process_fork tracepoint — worker thread forks now correctly inherit tracking via bpf_get_current_pid_tgid() fallback

Dashboard security hardening:
- Fix timing attack: use hmac.compare_digest() for token comparison
- Add X-Content-Type-Options and X-Frame-Options security headers
- Sanitize error responses to prevent filesystem path disclosure
- Add missing subprocess timeout on macOS policy applicator

Author: leos565

.gitignore

@@ -11,3 +11,4 @@ build/
 .DS_Store
 testing_setup/
 docs/
+comparison-report.md

CLAUDE.md

@@ -21,6 +21,43 @@ pip install -r requirements-dev.txt
 ./main.py all       # sync → compile → test (skips publish)
 ```
 
+## Applying Changes to the Testing VM
+
+After every editing session, sync the deploy files to the OrbStack Ubuntu VM and restart services:
+
+```bash
+cd /Users/leo/clawedr && orb -m ubuntu -u root bash -c '
+set -e
+CLAWEDR_DIR="/usr/local/share/clawedr"
+SRC="/Users/leo/clawedr/deploy"
+
+echo "[*] Syncing deploy files to $CLAWEDR_DIR..."
+cp "$SRC/compiled_policy.json" "$CLAWEDR_DIR/"
+cp "$SRC/linux/bpf_hooks.c" "$CLAWEDR_DIR/"
+cp "$SRC/linux/monitor.py" "$CLAWEDR_DIR/"
+cp "$SRC/shared/user_rules.py" "$CLAWEDR_DIR/shared/"
+cp "$SRC/shared/alert_dispatcher.py" "$CLAWEDR_DIR/shared/"
+cp "$SRC/shared/rule_updater.py" "$CLAWEDR_DIR/shared/"
+cp "$SRC/shared/policy_verify.py" "$CLAWEDR_DIR/shared/"
+cp "$SRC/dashboard/app.py" "$CLAWEDR_DIR/dashboard/"
+cp "$SRC/dashboard/templates/index.html" "$CLAWEDR_DIR/dashboard/templates/"
+
+echo "[*] Restarting clawedr-monitor..."
+systemctl restart clawedr-monitor 2>/dev/null || true
+
+echo "[*] Restarting clawedr-dashboard..."
+systemctl restart clawedr-dashboard 2>/dev/null || true
+
+sleep 3
+echo "[*] Status:"
+systemctl is-active clawedr-monitor 2>/dev/null && echo "  clawedr-monitor: active" || echo "  clawedr-monitor: failed"
+systemctl is-active clawedr-dashboard 2>/dev/null && echo "  clawedr-dashboard: active" || echo "  clawedr-dashboard: failed"
+echo "[*] Done."
+'
+```
+
+Both `clawedr-monitor` and `clawedr-dashboard` should report `active`. If either reports `failed`, check `journalctl -u clawedr-monitor -n 50` or `journalctl -u clawedr-dashboard -n 50` inside the VM.
+
 ## Testing
 
 ```bash

builder/master_rules.yaml

@@ -65,10 +65,18 @@ rule_metadata:
   PATH-LIN-011: { description: "User kubeconfig; enables Kubernetes cluster takeover", severity: critical, category: security }
   PATH-LIN-012: { description: "Docker socket; enables container escape and host takeover", severity: critical, category: security }
   PATH-LIN-013: { description: "ClawEDR config; contains exemptions and custom rules — prevents policy tampering", severity: critical, category: security }
+  PATH-LIN-014: { description: "Netrc credentials; plaintext HTTP/FTP login credentials", severity: high, category: security }
+  PATH-LIN-015: { description: "npm config; may contain registry auth tokens", severity: high, category: security }
+  PATH-LIN-016: { description: "PyPI config; may contain upload credentials", severity: high, category: security }
   PATH-LIN-017: { description: "ClawEDR install dir; compiled policy, monitor, rules — prevents policy tampering", severity: critical, category: security }
+  PATH-LIN-018: { description: "Docker config; may contain registry auth credentials", severity: high, category: security }
 
   PATH-MAC-020: { description: "ClawEDR config; contains exemptions and custom rules — prevents policy tampering", severity: critical, category: security }
+  PATH-MAC-021: { description: "Netrc credentials; plaintext HTTP/FTP login credentials", severity: high, category: security }
+  PATH-MAC-022: { description: "npm config; may contain registry auth tokens", severity: high, category: security }
   PATH-MAC-023: { description: "ClawEDR install dir; compiled policy and rules — prevents policy tampering", severity: critical, category: security }
+  PATH-MAC-024: { description: "PyPI config; may contain upload credentials", severity: high, category: security }
+  PATH-MAC-025: { description: "Docker config; may contain registry auth credentials", severity: high, category: security }
 
   # Blocked domains
   DOM-001: { description: "Monero mining pool; cryptojacking and resource theft", severity: high, category: security }
@@ -127,6 +135,7 @@ rule_metadata:
   BIN-025: { description: "Strace; syscall tracing, can capture secrets and inject", severity: high, category: security }
   BIN-026: { description: "Ltrace; library call tracing", severity: high, category: security }
   BIN-027: { description: "Ptrace; process tracing and injection", severity: high, category: security }
+  BIN-028: { description: "mkfs; filesystem format — can destroy disk partitions", severity: critical, category: security }
 
   # macOS custom deny rules
   MAC-001: { description: "Reverse-shell port 4444; common C2 callback", severity: critical, category: security }
@@ -199,6 +208,17 @@ rule_metadata:
   LIN-047: { description: "Kubelet API; Kubernetes recon / escape", severity: critical, category: security }
   LIN-048: { description: "Find SUID binaries; privilege escalation recon", severity: high, category: security }
   LIN-049: { description: "Getcap recursive; capability recon for priv esc", severity: high, category: security }
+  LIN-050: { description: "dd raw disk write; can overwrite partitions and destroy data", severity: critical, category: security }
+  LIN-051: { description: "Dotenv file access; .env files typically contain secrets and API keys", severity: high, category: security }
+  LIN-051b: { description: "Dotenv file access (absolute path); .env files typically contain secrets and API keys", severity: high, category: security }
+  LIN-052: { description: "PEM certificate/key access; .pem files contain private keys or certificates", severity: high, category: security }
+  LIN-053: { description: "Private key file access; .key files contain cryptographic private keys", severity: high, category: security }
+  LIN-054: { description: "PKCS12 keystore access; .p12/.pfx files contain certificates and private keys", severity: high, category: security }
+  LIN-054b: { description: "PFX keystore access; .pfx files contain certificates and private keys", severity: high, category: security }
+  LIN-055: { description: "Credentials file access; credentials.json commonly contains service account keys", severity: high, category: security }
+  LIN-056: { description: "Secrets config access; secrets.yaml/secrets.json contain application secrets", severity: high, category: security }
+  LIN-056b: { description: "Secrets JSON access; secrets.json contains application secrets", severity: high, category: security }
+  LIN-057: { description: "Token file access; tokens.json commonly contains OAuth/API tokens", severity: high, category: security }
 
   # ── Heuristic rules ─────────────────────────────────────────────────────────
   # Behavioral detection rules for AI agent skill abuse.
@@ -316,7 +336,11 @@ blocked_paths:
     # System
     PATH-MAC-019: "/Library/Preferences/SystemConfiguration"
     PATH-MAC-020: "/etc/clawedr"
+    PATH-MAC-021: "~/.netrc"
+    PATH-MAC-022: "~/.npmrc"
     PATH-MAC-023: "/usr/local/share/clawedr"
+    PATH-MAC-024: "~/.pypirc"
+    PATH-MAC-025: "~/.docker/config.json"
   linux:
     PATH-LIN-001: "/root/.ssh"
     PATH-LIN-002: "/etc/shadow"
@@ -333,7 +357,11 @@ blocked_paths:
     PATH-LIN-011: "/home/*/.kube/config"
     PATH-LIN-012: "/var/run/docker.sock"
     PATH-LIN-013: "/etc/clawedr"
+    PATH-LIN-014: "/home/*/.netrc"
+    PATH-LIN-015: "/home/*/.npmrc"
+    PATH-LIN-016: "/home/*/.pypirc"
     PATH-LIN-017: "/usr/local/share/clawedr"
+    PATH-LIN-018: "/home/*/.docker/config.json"
 
 # ── Blocked domains ───────────────────────────────────────────────────────
 # Known mining pools and C2 infrastructure. The threat feed adds more.
@@ -409,6 +437,8 @@ blocked_executables:
   BIN-025: "strace"
   BIN-026: "ltrace"
   BIN-027: "ptrace"
+  # Disk destruction
+  BIN-028: "mkfs"
 
 malicious_hashes: {}
 
@@ -680,6 +710,58 @@ custom_deny_rules:
       match: "getcap -r /"
       action: "SIGKILL"
 
+    # ── Disk destruction ──
+    LIN-050:
+      rule: "disk_dd_write"
+      match: "dd if=* of=/dev/*"
+      executable: "dd"
+      action: "SIGKILL"
+
+    # ── Sensitive file access (alert-only) ──
+    # These catch argv-level access to files that cannot be blocked via
+    # eBPF openat (suffix/glob patterns are infeasible with hash lookup).
+    # Two rules for .env: relative (space-anchored) and absolute (slash-anchored).
+    LIN-051:
+      rule: "sensitive_dotenv_relative"
+      match: "* .env*"
+      action: "ALERT"
+    LIN-051b:
+      rule: "sensitive_dotenv_absolute"
+      match: "*/.env*"
+      action: "ALERT"
+    LIN-052:
+      rule: "sensitive_pem_file"
+      match: "*.pem"
+      action: "ALERT"
+    LIN-053:
+      rule: "sensitive_key_file"
+      match: "*.key"
+      action: "ALERT"
+    LIN-054:
+      rule: "sensitive_p12_pfx_file"
+      match: "*.p12"
+      action: "ALERT"
+    LIN-054b:
+      rule: "sensitive_pfx_file"
+      match: "*.pfx"
+      action: "ALERT"
+    LIN-055:
+      rule: "sensitive_credentials_json"
+      match: "*credentials.json*"
+      action: "ALERT"
+    LIN-056:
+      rule: "sensitive_secrets_config"
+      match: "*secrets.yaml*"
+      action: "ALERT"
+    LIN-056b:
+      rule: "sensitive_secrets_json"
+      match: "*secrets.json*"
+      action: "ALERT"
+    LIN-057:
+      rule: "sensitive_tokens_json"
+      match: "*tokens.json*"
+      action: "ALERT"
+
 # ── Heuristics ────────────────────────────────────────────────────────────
 # Behavioral detection rules for AI agent skill abuse.
 # Enforcement hierarchy per rule: disabled → alert → enforce