实现示例type Agent = { id: string; start: number; expires: number; netAllowed: string[]; fsAllowed: string[] } function within(created: number, expires: number, now: number, leewaySec: number): boolean { if (expires <= created) return false; return now + leewaySec * 1000 >= created && now - leewaySec * 1000 <= expires } function allowed(agent: Agent, action: { type: 'net' | 'fs'; target: string }, now: number): boolean { if (!within(agent.start, agent.expires, now, 30)) return false const list = action.type === 'net' ? agent.netAllowed : agent.fsAllowed return list.includes(action.target) } function terminate(agent: Agent, now: number): boolean { return now >= agent.expires } 审计与运行治理审计记录代理生命周期与能力使用;到期自动终止并清理环境。网络与文件系统白名单最小化;异常访问阻断并告警。
投稿
微信公众账号
微信扫一扫加关注
评论 返回
顶部
发表评论 取消回复