Wednesday, 2016-03-16

*** openstack has joined #openstack-security [00:23]
*** dave-mccowan has joined #openstack-security [00:57]
*** tmcpeak has quit IRC [01:14]
*** tmcpeak has joined #openstack-security [01:41]
*** tmcpeak has quit IRC [02:01]
*** Fred_Li has quit IRC [02:21]
*** dave-mccowan has quit IRC [03:17]
*** yuanying has quit IRC [03:20]
*** yuanying has joined #openstack-security [04:07]
*** pdesai has joined #openstack-security [04:58]
*** pdesai has quit IRC [05:03]
*** liverpooler has quit IRC [05:59]
*** tesseract has joined #openstack-security [07:16]
*** tesseract is now known as Guest64967 [07:17]
*** Guest64967 has quit IRC [07:21]
*** browne has quit IRC [07:27]
*** eric_lopez has quit IRC [07:28]
*** elo has joined #openstack-security [07:30]
*** tesseract- has joined #openstack-security [07:35]
*** liverpooler has joined #openstack-security [07:49]
*** y_sawai has joined #openstack-security [08:10]
*** aurelien_ has joined #openstack-security [08:13]
*** liverpooler has quit IRC [08:14]
*** liverpooler has joined #openstack-security [08:14]
*** aurelien_ has left #openstack-security [08:15]
<openstackgerrit> chen.xing proposed openstack/security-doc: [security-guide]Update the content of the signed image validation  https://review.openstack.org/287640 [08:33]
*** ig0r_ has quit IRC [08:39]
*** salv-orlando has joined #openstack-security [09:11]
*** openstackgerrit has quit IRC [09:53]
*** openstackgerrit_ is now known as openstackgerrit [09:53]
*** openstackgerrit has quit IRC [09:53]
*** openstackgerrit_ has joined #openstack-security [09:53]
*** openstackgerrit has joined #openstack-security [09:54]
*** openstackgerrit_ is now known as openstackgerrit [09:54]
*** openstackgerrit_ has joined #openstack-security [09:55]
*** openstackgerrit has quit IRC [09:55]
*** openstackgerrit has joined #openstack-security [09:56]
*** ykotko has joined #openstack-security [10:24]
<ykotko> any updates? https://bugs.launchpad.net/bandit/+bug/1554112 [10:35]
<openstack> Launchpad bug 1554112 in Bandit "After excluding plugin from the bandit.yaml it still was used during the scaning" [Undecided,Confirmed] - Assigned to Eric Brown (ericwb) [10:35]
<ykotko> and one more question do you have any description of plugins in bandit.yaml? [10:44]
<ykotko> ok. have found the description, but what about https://bugs.launchpad.net/bandit/+bug/1554112 [10:56]
<openstack> Launchpad bug 1554112 in Bandit "After excluding plugin from the bandit.yaml it still was used during the scaning" [Undecided,Confirmed] - Assigned to Eric Brown (ericwb) [10:56]
<ykotko> can somebody look at [10:56]
<ykotko> ?? [10:56]
*** salv-orlando has quit IRC [10:56]
*** openstackgerrit has quit IRC [11:18]
*** openstackgerrit has joined #openstack-security [11:18]
*** y_sawai has quit IRC [11:37]
*** dave-mccowan has joined #openstack-security [11:52]
*** salv-orlando has joined #openstack-security [11:57]
*** salv-orlando has quit IRC [12:28]
*** pcaruana has quit IRC [12:28]
*** ninag has joined #openstack-security [12:57]
<ykotko> any updates? https://bugs.launchpad.net/bandit/+bug/1554112 [13:00]
<openstack> Launchpad bug 1554112 in Bandit "After excluding plugin from the bandit.yaml it still was used during the scaning" [Undecided,Confirmed] - Assigned to Eric Brown (ericwb) [13:00]
<ykotko> @chair6 can you look at https://bugs.launchpad.net/bandit/+bug/1554112 [13:02]
<openstack> Launchpad bug 1554112 in Bandit "After excluding plugin from the bandit.yaml it still was used during the scaning" [Undecided,Confirmed] - Assigned to Eric Brown (ericwb) [13:02]
*** rcernin has joined #openstack-security [13:03]
<ykotko> @tmcpeak: can you look at https://bugs.launchpad.net/bandit/+bug/1554112 [13:11]
<openstack> Launchpad bug 1554112 in Bandit "After excluding plugin from the bandit.yaml it still was used during the scaning" [Undecided,Confirmed] - Assigned to Eric Brown (ericwb) [13:11]
*** kro_sinus_hell is now known as krot_sinus_purga [13:15]
*** krot_sinus_purga is now known as kro_sniffles [13:15]
*** Sokonesi has joined #openstack-security [13:17]
*** Sokonesi has left #openstack-security [13:19]
*** ig0r_ has joined #openstack-security [13:24]
*** salv-orlando has joined #openstack-security [13:29]
*** ninag has quit IRC [13:34]
*** ninag has joined #openstack-security [13:34]
*** d0ugal has quit IRC [13:35]
*** d0ugal has joined #openstack-security [13:35]
*** ninag_ has joined #openstack-security [13:36]
<ykotko> @tkelsey: can you look at https://bugs.launchpad.net/bandit/+bug/1554112 [13:36]
<openstack> Launchpad bug 1554112 in Bandit "After excluding plugin from the bandit.yaml it still was used during the scaning" [Undecided,Confirmed] - Assigned to Eric Brown (ericwb) [13:36]
*** ninag has quit IRC [13:39]
*** salv-orlando has quit IRC [13:40]
*** edmondsw has joined #openstack-security [13:41]
<ykotko> @browne: can you look at https://bugs.launchpad.net/bandit/+bug/1554112 [13:46]
<openstack> Launchpad bug 1554112 in Bandit "After excluding plugin from the bandit.yaml it still was used during the scaning" [Undecided,Confirmed] - Assigned to Eric Brown (ericwb) [13:46]
*** cleong has joined #openstack-security [13:53]
*** edtubill has joined #openstack-security [14:02]
*** avarner__ has joined #openstack-security [14:02]
<ykotko> @browne: can you look at https://bugs.launchpad.net/bandit/+bug/1554112 [14:02]
<openstack> Launchpad bug 1554112 in Bandit "After excluding plugin from the bandit.yaml it still was used during the scaning" [Undecided,Confirmed] - Assigned to Eric Brown (ericwb) [14:03]
*** sigmavirus24_awa is now known as sigmavirus24 [14:06]
*** salv-orlando has joined #openstack-security [14:15]
*** tmcpeak has joined #openstack-security [14:42]
*** ninag_ has quit IRC [14:55]
*** ninag has joined #openstack-security [14:55]
*** ninag has quit IRC [14:59]
*** jhfeng has joined #openstack-security [15:10]
*** edtubill has quit IRC [15:13]
*** liverpooler has quit IRC [15:17]
*** browne has joined #openstack-security [15:29]
*** ninag has joined #openstack-security [15:31]
*** bpokorny has joined #openstack-security [15:42]
*** austin987 has quit IRC [15:50]
*** browne has quit IRC [15:51]
*** pdesai has joined #openstack-security [16:00]
*** avarner__ has quit IRC [16:23]
*** avarner has joined #openstack-security [16:27]
*** avarner_ has joined #openstack-security [16:28]
*** avarner has quit IRC [16:32]
*** browne has joined #openstack-security [16:38]
<chair6> hey @ykotko, i took another look at your bug and it looks like our docs haven't kept up very well with recent changes around bandit config/profiles [16:46]
<chair6> what are you actually trying to do?  run bandit against openstack/fuel-web.git but exclude a few specific tests? [16:47]
*** pdesai has quit IRC [16:53]
<chair6> in that case, you should just be able to drop a .bandit file in fuel-web and point bandit at it.. i'll drop a comment on the bug [16:58]
*** sigmavirus24 is now known as sigmavirus24_awa [17:02]
*** jass93 has joined #openstack-security [17:02]
*** avarner_ has quit IRC [17:16]
<openstackgerrit> Michael Dong proposed openstack/syntribos: added Solum payloads  https://review.openstack.org/292477 [17:16]
<ykotko> @chair6: I am trying to generate bandit.yaml with necessary excludes [17:17]
<ykotko> then use it for scanning [17:17]
<ykotko> but the tests from excludes using as well [17:18]
<ykotko> and if use -p parameter got the traceback [17:20]
<ykotko> see the description [17:21]
<ykotko> I can reproduce it again [17:21]
*** avarner has joined #openstack-security [17:22]
<chair6> yeah, i repro'd too [17:23]
<chair6> seems our docs and code don't line up, due to recent config/profile changes [17:24]
<chair6> i'll have to sync up with the bandit team on where we're at [17:25]
<tmcpeak> chair6: which bug? [17:25]
*** tkelsey has joined #openstack-security [17:26]
<ykotko> <ykotko> @tmcpeak: can you look at https://bugs.launchpad.net/bandit/+bug/1554112 [17:27]
<openstack> Launchpad bug 1554112 in Bandit "After excluding plugin from the bandit.yaml it still was used during the scaning" [Undecided,Confirmed] - Assigned to Eric Brown (ericwb) [17:27]
<tkelsey> browne: hey man, you about? [17:27]
<browne> yep, what's up [17:27]
<tkelsey> just wanted to sync up on https://review.openstack.org/#/c/281560/ [17:27]
<tkelsey> whats the deal here? [17:27]
<tmcpeak> ykotko: did you intend to use the profile? [17:28]
<tmcpeak> oh nevermind [17:28]
<tmcpeak> actually reading [17:28]
<browne> tkelsey: so the remaining issue is a problem in blacklist import where the importing of Crypto did not raise an issue before, but now it is [17:29]
<tkelsey> oh i see [17:29]
<browne> and we apparently had no functional tests for it. [17:29]
<browne> so, i was wondering whether we should drop Crypto from the blacklist import since i'm not even sure why we raise an issue on it [17:29]
<tkelsey> yeah, Let me have a check and see, but that sounds like the right more [17:30]
<tkelsey> *move [17:30]
<tkelsey> "Consider possible security implications associated with these modules" ... so its just an FYI, lets drop it [17:32]
<tkelsey> i think there are explicit checks for bad cypher modes and the like [17:33]
<tkelsey> yeah there are, that should be sufficient. I'll make a patch to drop the FYI [17:33]
<tmcpeak> ykotko: if you exclude by ID (B110) does it work? [17:34]
<tkelsey> tmcpeak: anything I can help with? [17:34]
<browne> tkelsey: cool, i'll put up a patch [17:36]
<tmcpeak> tkelsey: we're looking at this: https://bugs.launchpad.net/bandit/+bug/1554112 [17:36]
<openstack> Launchpad bug 1554112 in Bandit "After excluding plugin from the bandit.yaml it still was used during the scaning" [Undecided,Confirmed] - Assigned to Eric Brown (ericwb) [17:36]
<tmcpeak> also it looks like our config generator isn't exporting section titles anymore [17:36]
<tkelsey> browne: im just about to :) [17:36]
<tmcpeak> for include and exclude [17:36]
<browne> tkelsey: ok, cool, go for it [17:37]
<ykotko> bandit -c bandit_conf.yaml -r "</path/>" -n5 -p <profile_name> [17:37]
<ykotko> gave the trace [17:39]
<tmcpeak> ok we've definitely got a bug [17:39]
<tmcpeak> a few if you include the documentation sucks [17:39]
<tkelsey> tmcpeak: yeah it needs fixing for the new bandit stuff :( [17:40]
<tkelsey> ykotko: thanks for reporting the issue, we will look to fix it [17:40]
<tmcpeak> ykotko: yeah good catch [17:40]
<tmcpeak> thank you [17:40]
<ykotko> :) [17:41]
*** ninag has quit IRC [17:42]
*** ninag has joined #openstack-security [17:43]
*** ninag has quit IRC [17:47]
<openstackgerrit> Tim Kelsey proposed openstack/bandit: Trimming Blacklists  https://review.openstack.org/293617 [17:49]
<tkelsey> browne: ^ [17:49]
<browne> oh so we did have tests on it.  strange it doesn't fail in 0.17.3, but does in our master [17:50]
<tkelsey> yeah its odd, do you want to try mixing your patch on top of that and seeing if it passes [17:52]
*** rcernin has quit IRC [17:53]
<browne> i'll try rebasing on your patch to make sure the integrations clear up [17:54]
*** salv-orl_ has joined #openstack-security [17:54]
<tkelsey> browne: good plan, also yeah lol I'll fix the commit message [17:55]
*** salv-orlando has quit IRC [17:56]
<openstackgerrit> Tim Kelsey proposed openstack/bandit: Trimming Blacklists  https://review.openstack.org/293617 [17:56]
*** browne has quit IRC [17:59]
<openstackgerrit> Tim Kelsey proposed openstack/bandit: Blacklists now check node types are valid  https://review.openstack.org/281365 [18:01]
*** browne has joined #openstack-security [18:02]
<openstackgerrit> Tim Kelsey proposed openstack/bandit: Blacklists now check node types are valid  https://review.openstack.org/281365 [18:03]
*** ninag has joined #openstack-security [18:03]
*** pdesai has joined #openstack-security [18:03]
*** ninag has quit IRC [18:04]
*** ninag has joined #openstack-security [18:05]
*** sigmavirus24_awa is now known as sigmavirus24 [18:07]
*** ninag has quit IRC [18:09]
<openstackgerrit> Eric Brown proposed openstack/bandit: Ensure error exit codes fail integrations  https://review.openstack.org/281560 [18:14]
*** tesseract- has quit IRC [18:19]
*** ninag has joined #openstack-security [18:25]
*** ninag has quit IRC [18:33]
*** ninag has joined #openstack-security [18:33]
*** ninag has quit IRC [18:34]
<browne> tkelsey: ok, all integrations pass except oslo.messaging.  and that's because there's a patch for that currently waiting +2 and merge [18:34]
*** ninag has joined #openstack-security [18:34]
<tkelsey> browne: got a link? [18:40]
*** ninag has quit IRC [18:40]
<browne> https://review.openstack.org/#/c/286506/ [18:40]
<openstackgerrit> Jamie Finnigan proposed openstack/bandit: Fix typos in CLI output  https://review.openstack.org/293645 [18:45]
<chair6> ^ uggh, now i'm the typo nit fixer.. but that one was triggering my ocd :) [18:47]
<tmcpeak> chair6: why, you don't like exculde? [18:51]
<tmcpeak> it's spanish for something I'm sure [18:52]
<tmcpeak> it means "exclude the" in Romanian ;) [18:52]
*** amit2131 has quit IRC [18:55]
*** amit213 has joined #openstack-security [18:55]
<chair6> hah [18:57]
<openstackgerrit> Merged openstack/bandit: Fix typos in CLI output  https://review.openstack.org/293645 [19:13]
<openstackgerrit> Merged openstack/bandit: Pass environment variables of proxy to tox  https://review.openstack.org/286177 [19:13]
*** salv-orl_ has quit IRC [19:15]
*** ninag has joined #openstack-security [19:15]
*** browne has quit IRC [19:19]
*** ninag has quit IRC [19:19]
*** browne has joined #openstack-security [19:22]
*** kro_sniffles is now known as kro_mnckn_doc [19:27]
*** ninag has joined #openstack-security [19:36]
*** browne has quit IRC [19:42]
*** ig0r_ has quit IRC [19:55]
*** salv-orlando has joined #openstack-security [20:01]
*** bpokorny_ has joined #openstack-security [20:12]
*** bpokorny has quit IRC [20:13]
*** bpokorny_ has quit IRC [20:15]
*** bpokorny has joined #openstack-security [20:15]
*** avarner has quit IRC [20:20]
*** bpokorny has quit IRC [20:20]
*** bpokorny has joined #openstack-security [20:20]
*** avarner has joined #openstack-security [20:23]
*** cleong has quit IRC [20:50]
*** ninag has quit IRC [21:00]
*** bpokorny has quit IRC [21:03]
*** bpokorny has joined #openstack-security [21:03]
*** mvaldes has joined #openstack-security [21:09]
*** browne has joined #openstack-security [21:16]
*** kro_mnckn_doc has quit IRC [21:19]
*** tkelsey has quit IRC [21:41]
<openstackgerrit> Merged openstack/bandit: Trimming Blacklists  https://review.openstack.org/293617 [21:48]
*** sigmavirus24 is now known as sigmavirus24_awa [21:48]
*** pdesai has quit IRC [21:56]
*** jass93_ has joined #openstack-security [22:02]
*** jass93 has quit IRC [22:03]
<openstackgerrit> Merged openstack/syntribos: added Solum payloads  https://review.openstack.org/292477 [22:19]
*** mvaldes has quit IRC [22:28]
*** edmondsw has quit IRC [22:43]
*** karlamrhein has joined #openstack-security [23:02]
*** krotscheck has joined #openstack-security [23:11]
<openstackgerrit> Eric Brown proposed openstack/bandit: Update command line help baseline report  https://review.openstack.org/289553 [23:11]
*** karlamrhein has quit IRC [23:25]
*** jhfeng has quit IRC [23:39]
*** salv-orl_ has joined #openstack-security [23:54]
*** salv-orlando has quit IRC [23:57]
*** austin987 has joined #openstack-security [23:59]
