Tuesday, 2016-07-12

« Monday, 2016-07-11 Index Wednesday, 2016-07-13 »
unrahulI still can't believe that I assumed log initialization was in init..00:00
unrahuli think i dreamt that up00:00
unrahul:o00:00
openstackgerritRahul U Nair proposed openstack/syntribos: Modifying checks to use test objects  https://review.openstack.org/34060200:23
*** ccneill has quit IRC00:29
*** deblike has quit IRC00:36
*** vinaypotluri has quit IRC01:11
*** tmcpeak has quit IRC01:22
*** zul has quit IRC01:50
*** zul_ has joined #openstack-security02:01
*** zul has joined #openstack-security02:02
*** zul_ has quit IRC02:10
*** browne has quit IRC02:17
*** dave-mccowan has quit IRC02:20
*** diazjf has joined #openstack-security02:21
*** elmiko is now known as _elmiko02:24
*** deblike has joined #openstack-security02:32
*** vinaypotluri has joined #openstack-security02:43
*** deblike has quit IRC02:53
*** tmcpeak has joined #openstack-security03:21
openstackgerritTravis McPeak proposed openstack/bandit: Adding missing section to documentation about gen_config  https://review.openstack.org/34057403:23
*** markvoelker has joined #openstack-security03:32
*** markvoelker_ has joined #openstack-security03:35
*** markvoelker has quit IRC03:38
*** diazjf has quit IRC03:39
*** markvoelker has joined #openstack-security03:46
*** markvoelker_ has quit IRC03:49
*** tmcpeak has quit IRC04:25
*** d0ugal has quit IRC05:01
*** markvoelker_ has joined #openstack-security05:16
*** markvoelker has quit IRC05:19
*** woodburn has quit IRC05:21
*** sdake_ has joined #openstack-security05:25
*** liverpooler has joined #openstack-security05:36
*** markvoelker_ has quit IRC05:45
*** rcernin has joined #openstack-security05:58
*** d0ugal has joined #openstack-security06:04
*** unrahul has quit IRC06:32
*** d0ugal has quit IRC06:43
*** sdake_ has quit IRC06:49
*** tesseract- has joined #openstack-security07:00
*** pcaruana has joined #openstack-security07:00
*** vinaypotluri has quit IRC07:21
openstackgerritOpenStack Proposal Bot proposed openstack/security-doc: Updated from openstack-manuals  https://review.openstack.org/34079309:00
openstackgerritMerged openstack/security-doc: Updated from openstack-manuals  https://review.openstack.org/34079309:26
*** d0ugal has joined #openstack-security10:03
openstackgerritOpenStack Proposal Bot proposed openstack/security-doc: Updated from openstack-manuals  https://review.openstack.org/34083410:10
*** sdake has joined #openstack-security11:07
*** sdake_ has joined #openstack-security11:08
*** sdake has quit IRC11:13
*** sdake_ has quit IRC12:16
*** markvoelker has joined #openstack-security12:34
*** edmondsw has joined #openstack-security12:58
*** _elmiko is now known as elmiko13:01
*** cleong has joined #openstack-security13:17
*** dave-mccowan has joined #openstack-security13:21
*** d0ugal_ has joined #openstack-security13:30
*** d0ugal has quit IRC13:33
*** d0ugal_ is now known as d0ugal13:35
*** d0ugal is now known as Guest6571513:36
*** Guest65715 has quit IRC13:36
*** d0ugal_ has joined #openstack-security13:36
*** sdake_ has joined #openstack-security13:41
*** d0ugal_ has quit IRC13:44
*** d0ugal has joined #openstack-security13:44
*** mvaldes has joined #openstack-security13:46
openstackgerritMerged openstack/security-doc: Updated from openstack-manuals  https://review.openstack.org/34083413:46
*** vponomaryov has joined #openstack-security13:56
vponomaryovHello everyone, can someone please spill the light on the security bug fixes proposals, I have read doc https://security.openstack.org/#vulnerability-management but it is unclear when security bug can be "remediated" and "published".13:59
vponomaryovand is it correct to say that if project that has vulnerability is not in the list http://governance.openstack.org/reference/tags/vulnerability_managed.html then drivers of that project decide on their own?14:06
*** markvoelker has quit IRC14:11
*** sigmavirus has quit IRC14:15
*** _sigmavirus24 has joined #openstack-security14:16
*** _sigmavirus24 is now known as sigmavirus14:19
*** sigmavirus has joined #openstack-security14:19
*** aastha has joined #openstack-security14:26
*** woodburn has joined #openstack-security14:27
*** tmcpeak has joined #openstack-security14:28
*** jmckind has joined #openstack-security14:30
*** markvoelker has joined #openstack-security14:30
*** tmcpeak has quit IRC14:34
*** diazjf has joined #openstack-security14:39
*** vinaypotluri has joined #openstack-security14:39
*** diazjf has quit IRC14:45
*** diazjf has joined #openstack-security14:54
*** yaya has joined #openstack-security15:11
*** ametts has joined #openstack-security15:21
*** jmckind_ has joined #openstack-security15:23
*** jmckind has quit IRC15:26
*** yaya has quit IRC15:27
*** sdake_ has quit IRC15:36
*** sdake_ has joined #openstack-security15:36
*** diazjf has left #openstack-security15:37
gmurphyvponomaryov:  so if the project does not have a vulnerability managed governance tag typically the disclosure process is not driven by the vmt15:37
gmurphywe can help you get a cve assigned15:37
gmurphyand if the issue is still private we can also give you a list of key stakeholders that get pre-disclosure about security issues.15:38
gmurphyan example of a team that has disclosed their own vulnerabilities is designate with this - http://www.openwall.com/lists/oss-security/2015/07/28/715:38
gmurphythere have been a couple of others as well.15:39
gmurphyi'm just trying to think now which ones they were…15:39
gmurphyanyway if you have any questions feel free to reach out to myself, tristanC, fungi or notmorgan15:40
*** mdong has joined #openstack-security15:55
*** pcaruana has quit IRC16:00
*** yaya has joined #openstack-security16:03
*** rcernin has quit IRC16:03
vponomaryovgmurphy: thank you for information16:03
gmurphyno problem.16:03
*** jmckind_ has quit IRC16:04
vponomaryovgmurphy: yes, issue is still private16:04
vponomaryovgmurphy: in "manila UI" project16:05
*** unrahul has joined #openstack-security16:07
*** liverpooler has quit IRC16:08
*** sdake_ has quit IRC16:09
*** tesseract- has quit IRC16:09
gmurphyok. so i think fungi is the best person to talk to regarding the pre-disclosure part ( if you want to do that as a part of your disclosure )16:10
*** jmckind has joined #openstack-security16:10
gmurphyor maybe tristanC. i'm not so familiar with how the new mailing list works that they setup16:10
*** dave-mccowan has quit IRC16:10
*** sdake_ has joined #openstack-security16:10
*** liverpooler has joined #openstack-security16:10
*** deblike has joined #openstack-security16:11
unrahulvinaypotluri: do we have the meeting ?16:19
unrahulvidyo is giving me issues16:20
unrahulmdong: do we have the meeting today?16:21
vponomaryovmurphy: ok, will try to reach out to them16:21
*** sdake_ has quit IRC16:24
*** d0ugal has quit IRC16:24
unrahulmdong:  so. it got disconnected again..16:25
unrahuli guess thats it..16:25
unrahul:)16:25
*** jmckind has quit IRC16:25
vinaypotlurii have issues with vidyo too16:25
vinaypotluriunrahul where are you guys sitting ?16:26
*** jmckind has joined #openstack-security16:26
unrahuli guess the meeting is over..16:26
unrahulit was crashing all over the place16:26
unrahulso tht s fine16:26
mdong+116:27
*** ninag has joined #openstack-security16:27
*** jmckind has quit IRC16:28
*** catintheroof has joined #openstack-security16:28
*** jmckind has joined #openstack-security16:28
*** jmckind has quit IRC16:29
*** jmckind has joined #openstack-security16:30
*** ninag has quit IRC16:32
*** jmckind has quit IRC16:35
*** jmckind has joined #openstack-security16:36
*** sdake_ has joined #openstack-security16:40
*** jmckind has quit IRC16:41
*** yaya has quit IRC16:42
*** mvaldes has quit IRC17:02
*** yaya has joined #openstack-security17:15
*** sdake_ has quit IRC17:17
*** jmckind has joined #openstack-security17:19
*** hwpplayer1 has joined #openstack-security17:35
*** dave-mccowan has joined #openstack-security17:39
*** yaya has quit IRC17:46
*** browne has joined #openstack-security17:58
*** mvaldes has joined #openstack-security18:03
*** yaya has joined #openstack-security18:09
*** liverpooler has quit IRC18:11
*** sdake_ has joined #openstack-security18:11
*** hwpplayer1 has left #openstack-security18:26
*** agireud has quit IRC18:30
*** agireud has joined #openstack-security18:31
*** sdake_ has quit IRC18:32
*** sdake_ has joined #openstack-security18:33
*** sdake_ has quit IRC19:08
*** sdake_ has joined #openstack-security19:26
*** FredStockton has joined #openstack-security19:31
*** sdake_ has quit IRC20:01
*** dave-mccowan has quit IRC20:05
*** dave-mccowan has joined #openstack-security20:07
*** markvoelker has quit IRC20:49
*** markvoelker has joined #openstack-security21:00
*** julian1 has joined #openstack-security21:02
*** Trident has joined #openstack-security21:13
browneanybody security talks for the summit?21:19
browneanybody doing security talks for the summit?21:19
*** mdong has quit IRC21:20
*** julian1 has quit IRC21:20
*** rcernin has joined #openstack-security21:21
*** mdong has joined #openstack-security21:21
*** jmckind has quit IRC21:30
*** cleong has quit IRC21:43
*** deblike has quit IRC21:43
*** FredStockton has left #openstack-security21:44
*** ametts has quit IRC21:49
*** dave-mccowan has quit IRC21:54
*** markvoelker has quit IRC21:59
*** markvoelker has joined #openstack-security22:04
gmurphybrowne: i know sicarie was thinking about a couple22:08
gmurphysomething around the security guide for one of them i think22:09
*** sicarie has joined #openstack-security22:09
gmurphyspeaking of which sicarie you doing some security talks for the summit?22:09
sicarieyeah, i’m floating a few22:10
sicariesec-guide, privacy and a 10122:10
gmurphyi think you should do a brown bag session22:10
sicarieI couldn’t figure out how to submit those22:10
sicariei’d rather do the secguide one as a brownbag22:11
gmurphywould be good to drum up more interest in the security documentation side of things i think22:11
sicarieyeah, that’s the aim22:11
sicariei am going to sit down in the next day or two and look at what all should really be done in the short term22:11
*** yaya has quit IRC22:13
sicariei don’t have backscroll on my client - anyone else planning anything?22:16
sicariegood talk22:18
*** mvaldes has quit IRC22:19
gmurphyhahah22:30
gmurphythat's my line22:30
gmurphyi'm thinking of submitting something random22:30
gmurphybeen thinking a bunch about osquery lately. was thinking about writing a bunch of query packs for osqueryd around openstack specific things.22:31
gmurphyspecifically looking for indicators of compromise or unauthorized changes to the environment22:31
gmurphysicarie: what do you think about that?22:32
sicarieThat would be cool22:33
gmurphymaybe. although i probably should actually do the thing before i submit a talk about it22:33
gmurphyor not22:33
sicarieyou could always just get all hand-waivey if you need to22:34
*** rcernin has quit IRC22:35
gmurphythe submission process is kind of involved this year…22:35
gmurphyprovide links and stuff22:36
*** zul has quit IRC22:36
sicarieruh-roh, I haven’t looked at it yet22:36
*** zul has joined #openstack-security22:37
*** markvoelker has quit IRC23:00
*** markvoelker has joined #openstack-security23:06
*** catintheroof has quit IRC23:09
*** sicarie has quit IRC23:10
openstackgerritRahul U Nair proposed openstack/syntribos: Modifying checks to use test objects  https://review.openstack.org/34060223:29
*** mdong has quit IRC23:40
openstackgerritRahul U Nair proposed openstack/syntribos: Modifying checks to use test objects  https://review.openstack.org/34060223:48
« Monday, 2016-07-11 Index Wednesday, 2016-07-13 »

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!