tking/gsh
SHA256
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat: add T0-T6 shell tier context and governance layer mapping

Browse source 
gsh is the T2 Operator Runtime binary per DESIGN-TYPED-SHELL-HIERARCHY-0001.
Added shell tier context, NO_NEW_PRIVS enforcement note, and
Free/Observed/Governed → L1/L2/L3 governance layer mapping.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: Tyler J King <tking@guildhouse.dev>
This commit is contained in:
Tyler J King 2026-05-28 09:31:47 -04:00
parent d0b674f6cd
commit 872a53a3c7
1 changed files with 9 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
DESIGN.md
View file

@ -6,6 +6,15 @@
**Spec:** GCAP-SPEC-SHELLBOUND-BROKER-0001 (Layer 3) **Spec:** GCAP-SPEC-SHELLBOUND-BROKER-0001 (Layer 3)
**Language:** Rust **Language:** Rust
**License:** Apache 2.0 **License:** Apache 2.0
**References:** DESIGN-TYPED-SHELL-HIERARCHY-0001 (T0-T6), DESIGN-GOVERNANCE-LAYERING-MODEL-0001 (five-layer model)
> **Shell Tier Context (2026-05-28):** gsh is the **T2 Operator Runtime** binary
> per DESIGN-TYPED-SHELL-HIERARCHY-0001. It compiles with `--features operator`
> and is one of seven tier-specific binaries (T0-T6). `NO_NEW_PRIVS` is set at
> session start. The Free/Observed/Governed command categorization maps to
> governance layers: Free = L1 Permitted (within PosixBinding ceiling),
> Observed = L2 Authorized (AC-scoped), Governed = L3 Approved (ceremony-gated).
> See DESIGN-GOVERNANCE-LAYERING-MODEL-0001 for the full five-layer model.
--- ---