Thursday, 2015-09-03

*** sicarie has joined #openstack-security		00:00
*** maraletrcanaima has joined #openstack-security		00:00
*** maraletrcanaima has quit IRC		00:01
openstackgerrit	Brant Knudson proposed openstack/bandit: Use testtools rather than unittest https://review.openstack.org/219921	00:02
openstackgerrit	Merged openstack/bandit: Additional unit test coverage for core/utils.py https://review.openstack.org/219487	00:02
openstackgerrit	Shellee Arnold proposed openstack/security-doc: OSSN - Cached Keystone Tokens https://review.openstack.org/219922	00:04
openstackgerrit	Brant Knudson proposed openstack/bandit: Use testtools rather than unittest https://review.openstack.org/219921	00:05
openstackgerrit	Brant Knudson proposed openstack/bandit: Use addCleanup rather than tearDown https://review.openstack.org/219923	00:05
*** gmurphy has left #openstack-security		00:05
openstackgerrit	Michael McCune proposed openstack/security-doc: Add OSSN-0053 https://review.openstack.org/219898	00:11
openstackgerrit	Brant Knudson proposed openstack/bandit: Update .gitignore for docs https://review.openstack.org/219926	00:11
openstackgerrit	Eric Brown proposed openstack/bandit: Add a new check for weak RSA and DSA key sizes https://review.openstack.org/210806	00:13
*** goodygum has quit IRC		00:19
openstackgerrit	Brant Knudson proposed openstack/bandit: Generate module docs https://review.openstack.org/219930	00:20
*** goodygum has joined #openstack-security		00:21
chair6	for score_type in scores:	00:21
chair6	total = total + sum(scores[score_type][self.sev_level:])	00:21
chair6	return total	00:21
elmiko	an interesting spec, https://review.openstack.org/#/c/204073/	00:22
openstackgerrit	Merged openstack/bandit: Adding documentation for test plugins https://review.openstack.org/205505	00:23
elmiko	hyakuhei: see the spec i posted above	00:23
*** tmcpeak has quit IRC		00:24
openstackgerrit	Stanislaw Pitucha proposed openstack/anchor: Return CA for a given instance https://review.openstack.org/198222	00:26
*** tkelsey has quit IRC		00:30
openstackgerrit	Doug Chivers proposed openstack/security-doc: OSSN - Cached Keystone Tokens https://review.openstack.org/219922	00:32
openstackgerrit	Doug Chivers proposed openstack/security-doc: OSSN - Cached Keystone Tokens https://review.openstack.org/219922	00:36
*** hyakuhei has quit IRC		00:42
*** sicarie has quit IRC		00:43
*** bknudson has quit IRC		00:44
*** browne has quit IRC		00:46
*** jian5397 has quit IRC		00:46
openstackgerrit	Michael McCune proposed openstack/security-doc: Add OSSN-0058 https://review.openstack.org/219939	00:52
openstackgerrit	Michael McCune proposed openstack/security-doc: Add OSSN-0058 https://review.openstack.org/219939	00:54
openstackgerrit	Michael McCune proposed openstack/security-doc: Add OSSN-0058 https://review.openstack.org/219939	00:57
*** browne has joined #openstack-security		00:58
*** tkelsey has joined #openstack-security		01:00
openstackgerrit	Jamie Finnigan proposed openstack/bandit: Introduce wildcards to blacklist_calls plugin https://review.openstack.org/219943	01:06
*** ducnc has joined #openstack-security		01:07
openstackgerrit	Jamie Finnigan proposed openstack/bandit: Adding "hardcoded_bind_all_interfaces" documentation https://review.openstack.org/208475	01:10
openstackgerrit	Jamie Finnigan proposed openstack/bandit: Adding "execute_with_run_as_root_equals_true" documentation https://review.openstack.org/208470	01:11
openstackgerrit	Jamie Finnigan proposed openstack/bandit: Adding "exec_used" documentation https://review.openstack.org/207110	01:11
openstackgerrit	Jamie Finnigan proposed openstack/bandit: Adding assert_used documentation https://review.openstack.org/207104	01:11
openstackgerrit	Jamie Finnigan proposed openstack/bandit: Adding any_other_function_with_shell_equals_true documentation https://review.openstack.org/207099	01:11
openstackgerrit	Jamie Finnigan proposed openstack/bandit: Adding "hardcoded_tmp_directory" documentation https://review.openstack.org/208482	01:12
openstackgerrit	Jamie Finnigan proposed openstack/bandit: Adding "hardcoded_sql_expressions" documentation https://review.openstack.org/208480	01:12
openstackgerrit	Jamie Finnigan proposed openstack/bandit: Adding "hardcoded_password" documentation https://review.openstack.org/208479	01:12
*** zul has quit IRC		01:14
*** zul has joined #openstack-security		01:17
openstackgerrit	Merged openstack/bandit: Update .gitignore for docs https://review.openstack.org/219926	01:17
openstackgerrit	Merged openstack/bandit: Add a new check for weak RSA and DSA key sizes https://review.openstack.org/210806	01:18
openstackgerrit	Merged openstack/bandit: Adding "hardcoded_bind_all_interfaces" documentation https://review.openstack.org/208475	01:20
*** jhfeng has joined #openstack-security		01:20
*** sdake has quit IRC		01:36
openstackgerrit	Tim Kelsey proposed openstack/bandit: Simplifying Result Store https://review.openstack.org/219955	01:57
openstackgerrit	Eric Brown proposed openstack/bandit: Add unit tests for the formatters https://review.openstack.org/219472	02:03
openstackgerrit	Tim Kelsey proposed openstack/bandit: meta-ast is only needed if we are in debug mode https://review.openstack.org/219957	02:03
*** sdake has joined #openstack-security		02:28
openstackgerrit	Tim Kelsey proposed openstack/bandit: Dont read the wordlist file in on every test call, cache it https://review.openstack.org/219962	02:30
*** sdake_ has joined #openstack-security		02:31
*** sdake has quit IRC		02:34
openstackgerrit	Tim Kelsey proposed openstack/bandit: Improved tests for hardcoded passwords https://review.openstack.org/202582	03:12
*** sigmavirus24 has quit IRC		03:30
*** sigmavirus24 has joined #openstack-security		03:33
*** sigmavirus24 is now known as sigmavirus24_awa		03:34
*** sdake_ is now known as sdake		03:42
*** tkelsey has quit IRC		03:54
*** LelouchV has quit IRC		04:02
*** tkelsey has joined #openstack-security		04:21
*** jhfeng has quit IRC		04:21
*** tkelsey has quit IRC		04:25
*** Sandra has joined #openstack-security		04:32
Sandra	holq	04:33
Sandra	hola daviey	04:34
*** Sandra has left #openstack-security		04:35
*** ducnc is now known as ducnguyen		04:55
*** sdake_ has joined #openstack-security		05:13
*** sdake has quit IRC		05:17
*** ducnguyen has quit IRC		05:44
*** sdake has joined #openstack-security		05:48
*** sdake_ has quit IRC		05:52
*** sdake_ has joined #openstack-security		05:54
*** sdake has quit IRC		05:57
*** shohel has joined #openstack-security		06:22
*** quie has joined #openstack-security		06:35
*** quie has quit IRC		06:39
*** quie has joined #openstack-security		06:40
*** alex_klimov has joined #openstack-security		06:55
*** shohel has quit IRC		06:58
*** browne has quit IRC		07:07
*** browne has joined #openstack-security		07:09
*** browne has quit IRC		07:09
*** shohel has joined #openstack-security		07:15
*** y_sawai has joined #openstack-security		07:18
*** shohel has quit IRC		07:34
*** y_sawai has quit IRC		07:45
*** b10n1k_ has quit IRC		07:45
*** browne has joined #openstack-security		07:53
*** lexholden has joined #openstack-security		07:55
*** y_sawai has joined #openstack-security		08:03
*** y_sawai has quit IRC		08:08
*** y_sawai has joined #openstack-security		08:10
*** y_sawai has quit IRC		08:10
*** y_sawai has joined #openstack-security		08:11
*** y_sawai has quit IRC		08:15
*** y_sawai has joined #openstack-security		08:27
*** browne has quit IRC		08:35
*** y_sawai has quit IRC		08:46
*** y_sawai has joined #openstack-security		08:49
*** y_sawai has quit IRC		08:54
*** alex_klimov has quit IRC		09:15
*** alex_klimov has joined #openstack-security		09:15
*** y_sawai has joined #openstack-security		09:50
*** y_sawai_ has joined #openstack-security		09:51
*** y_sawai has quit IRC		09:54
*** y_sawai_ has quit IRC		09:56
Daviey	Who is Sandra?	10:16
*** tjt263 has joined #openstack-security		10:47
*** y_sawai has joined #openstack-security		11:03
*** y_sawai has quit IRC		11:05
*** y_sawai has joined #openstack-security		11:05
*** y_sawai has quit IRC		11:10
*** y_sawai has joined #openstack-security		11:18
*** y_sawai has quit IRC		11:23
*** alex_klimov has quit IRC		11:26
*** lexholden has quit IRC		11:28
*** tkelsey has joined #openstack-security		11:34
*** y_sawai has joined #openstack-security		11:39
*** tkelsey has quit IRC		11:40
*** y_sawai has quit IRC		11:43
*** y_sawai has joined #openstack-security		11:43
*** y_sawai_ has joined #openstack-security		11:47
*** y_sawai has quit IRC		11:48
*** y_sawai_ has quit IRC		11:51
*** lexholden has joined #openstack-security		11:57
*** shohel has joined #openstack-security		12:01
*** alex_klimov has joined #openstack-security		12:05
*** y_sawai has joined #openstack-security		12:43
openstackgerrit	bruce-benjamin proposed openstack/security-doc: [security-guide] Ephemeral encryption setup https://review.openstack.org/218956	12:45
*** y_sawai has quit IRC		12:48
*** edmondsw has joined #openstack-security		13:13
*** y_sawai has joined #openstack-security		13:44
*** y_sawai has quit IRC		13:49
*** sigmavirus24_awa is now known as sigmavirus24		13:59
*** jian5397 has joined #openstack-security		14:00
*** jhfeng has joined #openstack-security		14:07
*** jian5397 has quit IRC		14:16
*** dave-mccowan has quit IRC		14:18
*** tkelsey has joined #openstack-security		14:19
*** jmckind has joined #openstack-security		14:27
*** browne has joined #openstack-security		14:31
*** dave-mccowan has joined #openstack-security		14:31
*** bknudson has joined #openstack-security		14:41
openstackgerrit	Tim Kelsey proposed openstack/bandit: Dont read the wordlist file in on every test call, cache it https://review.openstack.org/219962	14:43
*** y_sawai has joined #openstack-security		14:45
*** voodookid has joined #openstack-security		14:46
*** y_sawai has quit IRC		14:50
*** hyakuhei has joined #openstack-security		14:52
*** tkelsey has quit IRC		14:53
*** y_sawai has joined #openstack-security		14:54
*** y_sawai has quit IRC		14:59
openstackgerrit	Shellee Arnold proposed openstack/security-doc: OSSN - Cached Keystone Tokens https://review.openstack.org/219922	15:02
*** jhfeng has quit IRC		15:05
*** markvoelker has joined #openstack-security		15:08
*** sigmavirus24 is now known as sigmavirus24_awa		15:12
*** sigmavirus24_awa is now known as sigmavirus24		15:13
*** dwyde has joined #openstack-security		15:15
*** shohel has quit IRC		15:16
*** tmcpeak has joined #openstack-security		15:20
tmcpeak	nkinder: you around?	15:21
*** tkelsey has joined #openstack-security		15:21
nkinder	tmcpeak: in a meeting	15:21
tmcpeak	nkinder: cool, ping me when you get a chance please. I want to synch up with you regarding the OSSG recruiting	15:22
tmcpeak	also if you have any materials you can send over please do :)	15:22
openstackgerrit	Jamie Finnigan proposed openstack/bandit: Introduce wildcards to blacklist_calls plugin https://review.openstack.org/219943	15:23
openstackgerrit	Robert Clark proposed openstack/anchor: Adding some additional high level content https://review.openstack.org/219512	15:31
openstackgerrit	Eric Brown proposed openstack/bandit: Remove redundant quotes in bandit.yaml https://review.openstack.org/220202	15:34
tmcpeak	sigmavirus24: you around?	15:34
sigmavirus24	sort of	15:35
tmcpeak	I'd like to sort out this issue Thomas is reporting with Bandit packaging	15:35
tmcpeak	what's the easiest path forward to JFDI his concerns away?	15:35
sigmavirus24	tmcpeak: break bandit for everyone else	15:35
sigmavirus24	that's the easiest thing	15:35
tmcpeak	well that's not happening	15:36
tmcpeak	other options?	15:36
sigmavirus24	nope	15:36
sigmavirus24	thank pbr for not having other options	15:36
tmcpeak	so he's asking us to detect if it's being installed by pip, correct?	15:36
sigmavirus24	Which we can't do with pbr	15:36
tmcpeak	:\|	15:37
tmcpeak	how are other OpenStack properties dealing with this?	15:37
sigmavirus24	They aren't	15:37
tmcpeak	surely there's nothing special about our use case	15:37
*** y_sawai has joined #openstack-security		15:37
sigmavirus24	They're mostly broken (see bash completions discussion on the ML from a couple months ago)	15:37
sigmavirus24	tmcpeak: there isn't	15:37
sigmavirus24	zigo threw a fit on the ML when that was discussed	15:37
sigmavirus24	People are still moving forward with it though	15:37
tmcpeak	hmm ok, I guess I should dig that up for better context	15:38
*** y_sawai has quit IRC		15:38
sigmavirus24	There really is nothing we can do	15:38
tmcpeak	ahh ok cool	15:38
tmcpeak	I'll read that thread for context but I definitely defer to your judgement here	15:39
tmcpeak	thanks man	15:39
sigmavirus24	If we were not managing setup.py through setup.cfg, we could write code to make zigo happy	15:39
sigmavirus24	It would be really really really bad form for the general python community	15:39
tmcpeak	that's a pbr thing though, right?	15:39
sigmavirus24	Yep	15:40
dstufft	my life was signifcantly happier when I was just ignoring what random downstreams wanted	15:40
tmcpeak	dstufft: lol, sounds like I should resume doing that	15:41
sigmavirus24	tmcpeak: it's better for all of our health	15:41
sigmavirus24	then I don't have to pay attention to zigo's threatening private emails	15:41
tmcpeak	lol, fair enough	15:41
*** markvoelker_ has joined #openstack-security		15:42
dstufft	tmcpeak: I recommend it	15:42
dstufft	unless you're trying to compete for how many hills you can find to die on	15:43
tmcpeak	I'll pass :)	15:43
ccneill_	hey guys, got a question for ya if anyone has a second	15:45
*** markvoelker has quit IRC		15:45
*** jian5397 has joined #openstack-security		15:45
ccneill_	while testing a project's admin features, my colleague found that he could trigger a DoS via user-supplied regex	15:46
ccneill_	has anyone found a good way to prevent catastrophic backtracking with user-supplied regexes?	15:46
ccneill_	in this case it's an admin-only feature, so it's not as bad as it could be, but I'm kind of stuck as far as providing ideas to prevent the issue entirely	15:46
*** gmurphy has joined #openstack-security		15:48
*** browne has quit IRC		15:54
*** bknudson has quit IRC		15:55
*** quie has quit IRC		15:59
*** browne has joined #openstack-security		16:06
tmcpeak	ccneill_: interesting question	16:07
tmcpeak	generally regex's can be pretty computationally expensive. In this case it doesn't seem like much of an issue because there are worse things admins can do to mess up their cloud	16:09
tmcpeak	I'd definitely recommend not executing regexs from less privileged users	16:10
tmcpeak	aside from that, giving users some sort of computational ceiling is probably the best you can do	16:10
*** alex_klimov has quit IRC		16:11
tmcpeak	we've (HP) has found similar issues in some of our threat analysis	16:11
openstackgerrit	Merged openstack/bandit: Adding "execute_with_run_as_root_equals_true" documentation https://review.openstack.org/208470	16:13
openstackgerrit	Merged openstack/bandit: Adding any_other_function_with_shell_equals_true documentation https://review.openstack.org/207099	16:14
openstackgerrit	Merged openstack/anchor: Adding some additional high level content https://review.openstack.org/219512	16:22
openstackgerrit	Michael McCune proposed openstack/bandit: Adding unit tests for bandit.core.context.Context https://review.openstack.org/219519	16:25
elmiko	chair6, tmcpeak, rebased that and fixed the missing safe_str issue ^	16:25
tmcpeak	elmiko: cool, I'll take a look	16:26
ccneill_	tmcpeak: unfortunately, the suggestion I've seen for limiting computation time is essentially spinning up child processes that get killed after some time interval	16:32
ccneill_	but my concern is that a bad user could do lots of requests that might hang, create lots of procs that are spinning their wheels, etc.	16:33
ccneill_	the functionality is for blacklisting domains in Designate v2, so only admins can add the regexes, but users' zone creation requests get run through the blacklists	16:33
tmcpeak	hmm, whitelist would probably be more effective	16:34
tmcpeak	ccneill_: it probably makes sense to limit the number of simultaneous processes a user can start, even for admins	16:36
tkelsey	browne: http://paste.openstack.org/show/444468/	16:37
ccneill_	I'm just worried that the complexity of supporting regexes in their entirety is always going to be this kind of cat-and-mouse game, so my thought at this point is to propose using substrings instead of regexes to at least cut down on the computational expense	16:37
*** bknudson has joined #openstack-security		16:37
*** sicarie has joined #openstack-security		16:38
tmcpeak	ccneill_: yeah that seems like a safer approach	16:38
elmiko	tmcpeak: https://wiki.openstack.org/wiki/CrossProjectLiaisons	16:39
ccneill_	tmcpeak: thanks for the help. needed someone to sanity check me and make sure I haven't missed some obvious solution :)	16:40
tmcpeak	ccneill_: sure, if you want further input in getting the change or reviews or something I'm usually here	16:40
ccneill_	cool cool, yeah I just started lurking in here but I'm sure I'll have lots of fun questions like this one :)	16:41
tmcpeak	awesome	16:41
ccneill_	on another note, I wrote this little utility to read in bandit findings in JSON format and spit out customizable HTML reports: https://github.com/cneill/bandit-buddy	16:42
ccneill_	if anyone's interested	16:42
openstackgerrit	Robert Clark proposed openstack/anchor: Changed readme so that example retrieves certificate https://review.openstack.org/219919	16:42
ccneill_	I would submit it as a CR to bandit, but I imagine that's a little beyond the scope of bandit itself	16:42
tmcpeak	ccneill_: oh yeah, Michael mentioned this, looks pretty cool	16:42
tmcpeak	would probably make a nice output formatter too if you're interested in porting it	16:42
ccneill_	even links to Github source now :)	16:42
openstackgerrit	Merged openstack/bandit: Adding unit tests for bandit.core.context.Context https://review.openstack.org/219519	16:43
ccneill_	I'll look into adding it as an output formatter the next time I have some down time	16:44
tmcpeak	sounds good	16:44
*** dwyde has quit IRC		16:48
sigmavirus24	tmcpeak: are we having the meeting this week or is it cancelled because midcycle?	16:58
sicarie	sigmavirus24: no meeting this week, hyakuhei sentout a notice on the -dev ml	16:58
tmcpeak	sigmavirus24: cancelled this week	16:58
sigmavirus24	Ah, missed it. Guess I'll grab lunch then.	16:59
openstackgerrit	Eric Brown proposed openstack/bandit: WIP: manager has no attribute '_init_logger' https://review.openstack.org/220241	17:05
openstackgerrit	Eric Brown proposed openstack/bandit: WIP: manager has no attribute '_init_logger' https://review.openstack.org/220241	17:07
*** dwyde has joined #openstack-security		17:16
*** markvoelker_ has quit IRC		17:16
*** tjt263 has quit IRC		17:17
*** tjt263 has joined #openstack-security		17:18
openstackgerrit	Eric Brown proposed openstack/bandit: WIP: manager has no attribute '_init_logger' https://review.openstack.org/220241	17:24
openstackgerrit	Merged openstack/anchor: Changed readme so that example retrieves certificate https://review.openstack.org/219919	17:25
*** zul has quit IRC		17:26
*** zul has joined #openstack-security		17:27
*** zul has quit IRC		17:27
openstackgerrit	Merged openstack/bandit: Remove redundant quotes in bandit.yaml https://review.openstack.org/220202	17:28
*** zul has joined #openstack-security		17:28
openstackgerrit	Merged openstack/bandit: Use testtools rather than unittest https://review.openstack.org/219921	17:28
openstackgerrit	Merged openstack/bandit: Use addCleanup rather than tearDown https://review.openstack.org/219923	17:29
openstackgerrit	Eric Brown proposed openstack/bandit: Fix manager having no attribute '_init_logger' https://review.openstack.org/220241	17:30
openstackgerrit	Jamie Finnigan proposed openstack/bandit: Introduce wildcards to blacklist_calls plugin https://review.openstack.org/219943	17:47
*** daniela has joined #openstack-security		17:52
daniela	hola	17:55
*** daniela has left #openstack-security		17:55
openstackgerrit	Michael McCune proposed openstack/security-doc: Add OSSN-0058 https://review.openstack.org/219939	17:56
*** sicarie has quit IRC		17:57
*** LelouchV has joined #openstack-security		17:57
*** tjt263 has quit IRC		18:01
openstackgerrit	Michael Xin proposed openstack/security-doc: Adding an OSSN for bug 1456228 - Trusted VM powered on untrusted host https://review.openstack.org/220263	18:08
openstack	bug 1456228 in OpenStack Security Notes "Trusted vm can be powered on untrusted host" [Medium,Confirmed] https://launchpad.net/bugs/1456228 - Assigned to Michael Xin (michael-xin)	18:08
openstackgerrit	Shellee Aragon proposed openstack/security-doc: OSSN - Cached Keystone Tokens https://review.openstack.org/219922	18:08
browne	tkelsey: what module is etree.XML from?	18:11
openstackgerrit	Merged openstack/bandit: Introduce wildcards to blacklist_calls plugin https://review.openstack.org/219943	18:14
*** sicarie has joined #openstack-security		18:18
*** lexholden has quit IRC		18:21
openstackgerrit	Shellee Aragon proposed openstack/security-doc: OSSN - Cached Keystone Tokens https://review.openstack.org/219922	18:25
*** tmcpeak1 has joined #openstack-security		18:28
openstackgerrit	Shellee Aragon proposed openstack/security-doc: OSSN - Cached Keystone Tokens https://review.openstack.org/219922	18:31
*** tmcpeak has quit IRC		18:31
*** localloop127 has joined #openstack-security		18:31
*** dwyde has quit IRC		18:39
openstackgerrit	Jamie Finnigan proposed openstack/bandit: Add basic metric generation and associated tests https://review.openstack.org/216885	18:42
*** elo has joined #openstack-security		18:43
browne	http://paste.openstack.org/show/444574/	18:43
*** timkennedy1 has quit IRC		18:46
*** sicarie has quit IRC		18:46
*** sicarie has joined #openstack-security		18:49
openstackgerrit	Eric Brown proposed openstack/bandit: Add unit tests for the formatters https://review.openstack.org/219472	18:59
openstackgerrit	Shellee Aragon proposed openstack/security-doc: OSSN - Cached Keystone Tokens https://review.openstack.org/219922	19:05
openstackgerrit	Tim Kelsey proposed openstack/bandit: Removing class level variables https://review.openstack.org/220281	19:05
tkelsey	chair6: https://review.openstack.org/#/c/220281/	19:06
*** b10n1k_ has joined #openstack-security		19:15
openstackgerrit	Merged openstack/bandit: meta-ast is only needed if we are in debug mode https://review.openstack.org/219957	19:18
openstackgerrit	Merged openstack/bandit: Removing class level variables https://review.openstack.org/220281	19:21
*** alex_klimov has joined #openstack-security		19:23
openstackgerrit	Eric Brown proposed openstack/bandit: Fix manager having no attribute '_init_logger' https://review.openstack.org/220241	19:27
openstackgerrit	Nathaniel Dillon proposed openstack/security-doc: OSSN - Cached Keystone Tokens https://review.openstack.org/219922	19:27
openstackgerrit	Eric Brown proposed openstack/bandit: Add unit tests for the formatters https://review.openstack.org/219472	19:28
ccneill_	goodness, y'all get some hardcore gerrit spam lol	19:28
chair6	heh .. this is not partcularly normal, we're into day 3 of our midcycle so this is a lot more activity than usual :)	19:29
tkelsey	hackathon FTW :)	19:29
* sicarie wants to stick bamboo splinters in his ears at that word		19:30
tkelsey	sicarie: sorry :(	19:30
tkelsey	synonym?	19:31
tmcpeak1	brogramming?	19:31
tmcpeak1	we're into day 3 of bro'ing it down	19:31
tkelsey	see, now hackathon dont seem so bad :P	19:32
chair6	aren't i supposed to be bumping hiphop in my obnoxiously large Beats By Dre (TM) if i'm brogramming?	19:33
sicarie	Only if it’s up loud enough for everyone to hear it outside your headphones	19:34
openstackgerrit	Nathaniel Dillon proposed openstack/security-doc: Adding OSSN-0052 https://review.openstack.org/219903	19:35
* ccneill_ sheepishly turns down his vibrating headphones with attached headphone amplifier		19:37
ccneill_	<_<	19:37
openstackgerrit	Jamie Finnigan proposed openstack/bandit: Raise exceptions from BanditConfig rather than exit https://review.openstack.org/219917	19:38
*** tjt263 has joined #openstack-security		19:43
openstackgerrit	Robert Clark proposed openstack/anchor: Changes to allow sphinx to build correctly https://review.openstack.org/220289	19:45
openstackgerrit	Merged openstack/bandit: Raise exceptions from BanditConfig rather than exit https://review.openstack.org/219917	19:45
openstackgerrit	Eric Brown proposed openstack/bandit: Add unit tests for the formatters https://review.openstack.org/219472	19:50
*** sicarie has quit IRC		19:50
openstackgerrit	Brant Knudson proposed openstack/bandit: Generate module docs https://review.openstack.org/219930	19:51
openstackgerrit	Eric Brown proposed openstack/bandit: Fix manager having no attribute '_init_logger' https://review.openstack.org/220241	19:59
*** quie has joined #openstack-security		20:01
*** dave-mccowan has quit IRC		20:06
*** localloop127 has quit IRC		20:07
*** LelouchV has quit IRC		20:09
*** localloop127 has joined #openstack-security		20:11
*** sicarie has joined #openstack-security		20:13
*** hyakuhei has quit IRC		20:13
*** hyakuhei has joined #openstack-security		20:14
elmiko	bknudson: https://github.com/swagger-api/swagger-spec	20:25
*** sdake has joined #openstack-security		20:25
*** sdake_ has quit IRC		20:29
jian5397	https://github.com/rackerlabs/syntribos	20:30
*** jian5397 is now known as michaelxin		20:30
michaelxin	https://github.com/rackerlabs/syntribos is the link	20:30
hyakuhei	michaelxin: http://docs.openstack.org/infra/manual/creators.html	20:32
*** dave-mccowan has joined #openstack-security		20:32
elmiko	bknudson: https://review.openstack.org/#/c/214817/	20:32
openstackgerrit	Eric Brown proposed openstack/bandit: Fix manager having no attribute '_init_logger' https://review.openstack.org/220241	20:37
*** jmckind has quit IRC		20:38
*** jmckind has joined #openstack-security		20:42
chair6	tkelsey: https://review.openstack.org/#/c/219472/	20:42
*** localloop127 has quit IRC		20:44
*** localloop127 has joined #openstack-security		20:45
openstackgerrit	Merged openstack/bandit: Add unit tests for the formatters https://review.openstack.org/219472	20:46
*** localloop127 has quit IRC		20:49
*** sicarie has quit IRC		20:50
*** sicarie has joined #openstack-security		20:51
*** elo has quit IRC		21:14
*** jmckind has quit IRC		21:34
*** daniela has joined #openstack-security		21:37
daniela	helo	21:38
daniela	hello	21:38
*** tmcpeak1 is now known as tmcpeak		21:39
*** ChanServ sets mode: +o tmcpeak		21:39
daniela	;-)	21:40
*** localloop127 has joined #openstack-security		21:51
openstackgerrit	Shellee Aragon proposed openstack/security-doc: OSSN - Cached Keystone Tokens https://review.openstack.org/219922	21:54
*** localloop127 has quit IRC		21:59
*** daniela has left #openstack-security		22:06
openstackgerrit	Shellee Aragon proposed openstack/security-doc: OSSN - Cached Keystone Tokens https://review.openstack.org/219922	22:08
*** tkelsey has quit IRC		22:13
openstackgerrit	Eric Brown proposed openstack/bandit: Fix manager having no attribute '_init_logger' https://review.openstack.org/220241	22:15
*** alex_klimov has quit IRC		22:28
*** tkelsey has joined #openstack-security		22:28
*** hyakuhei has quit IRC		22:31
*** hyakuhei has joined #openstack-security		22:33
*** sicarie has quit IRC		22:34
*** sicarie has joined #openstack-security		22:36
openstackgerrit	Eric Brown proposed openstack/bandit: Fix manager having no attribute '_init_logger' https://review.openstack.org/220241	22:41
*** hyakuhei has quit IRC		22:44
*** hyakuhei has joined #openstack-security		22:45
elmiko	tkelsey, https://github.com/Swordfish90/cool-retro-term	22:48
*** hyakuhei has quit IRC		22:49
*** quie has quit IRC		22:49
*** hyakuhei has joined #openstack-security		22:52
*** edmondsw has quit IRC		22:53
elmiko	sicarie: i fixed up https://review.openstack.org/#/c/219939/	22:53
sicarie	elmiko: cool, i’ll take a look	22:54
tmcpeak	http://choosesecurity.myshopify.com/products/choose-security-brian-krebs-is-my-ids-shirt	22:55
tmcpeak	^	22:55
*** hyakuhei has quit IRC		22:57
*** sdake has quit IRC		23:06
*** voodookid has quit IRC		23:08
*** markvoelker has joined #openstack-security		23:13
*** markvoelker has quit IRC		23:17
*** markvoelker has joined #openstack-security		23:25
*** y_sawai has joined #openstack-security		23:32
*** hyakuhei has joined #openstack-security		23:35
openstackgerrit	Shellee Aragon proposed openstack/security-doc: OSSN - Cached Keystone Tokens https://review.openstack.org/219922	23:38
*** hyakuhei has quit IRC		23:40
*** y_sawai has quit IRC		23:41
*** sicarie has quit IRC		23:41
*** hyakuhei has joined #openstack-security		23:43
openstackgerrit	Jamie Finnigan proposed openstack/bandit: Adding assert_used documentation https://review.openstack.org/207104	23:43
openstackgerrit	Jamie Finnigan proposed openstack/bandit: Adding "hardcoded_password" documentation https://review.openstack.org/208479	23:49

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!