Thursday, 2019-01-17

« Wednesday, 2019-01-16 Index Friday, 2019-01-18 »
*** macza has quit IRC00:07
*** dave-mccowan has quit IRC00:49
*** dave-mccowan has joined #openstack-security00:51
gagehugofungi lhinds: I won't be around for the security IRC meeting tomorrow, had something come up01:12
*** dave-mccowan has quit IRC01:15
*** freerunner has joined #openstack-security02:46
*** rcernin has quit IRC05:05
*** rcernin has joined #openstack-security05:07
*** jaosorior has joined #openstack-security05:15
*** Bhujay has joined #openstack-security05:20
*** Bhujay has quit IRC05:21
*** Bhujay has joined #openstack-security05:21
*** Bhujay has quit IRC06:07
*** Bhujay has joined #openstack-security06:07
*** Bhujay has quit IRC06:08
*** Bhujay has joined #openstack-security06:08
*** Bhujay has quit IRC06:10
*** Bhujay has joined #openstack-security06:10
*** Bhujay has quit IRC06:11
*** Bhujay has joined #openstack-security06:11
*** Bhujay has quit IRC06:13
*** Bhujay has joined #openstack-security06:13
*** Bhujay has quit IRC06:14
*** Bhujay has joined #openstack-security06:14
*** Bhujay has quit IRC06:16
*** Bhujay has joined #openstack-security06:16
*** Bhujay has quit IRC06:17
*** Bhujay has joined #openstack-security06:17
*** Bhujay has quit IRC06:19
*** Bhujay has joined #openstack-security06:19
*** Bhujay has quit IRC06:20
*** Bhujay has joined #openstack-security06:20
*** Bhujay has quit IRC06:22
*** Bhujay has joined #openstack-security06:22
*** Bhujay has quit IRC06:23
*** Bhujay has joined #openstack-security06:23
*** Luzi has joined #openstack-security06:43
*** threestrands has quit IRC07:17
*** rcernin has quit IRC07:20
*** pcaruana has joined #openstack-security07:36
*** Bhujay has quit IRC08:13
*** Bhujay has joined #openstack-security08:56
*** lhinds has quit IRC09:31
*** lhinds has joined #openstack-security09:34
*** ssbarnea|rover has joined #openstack-security10:34
ssbarnea|roveri wonder if this counts as a security issue: https://review.openstack.org/#/q/owner:lijunjie%2540cloudin.cn+status:open10:36
*** Bhujay has quit IRC10:37
ssbarnea|roverthis could easily count as a DoS attack on openstack test infrastructure as such changes would keep our infra busy for a very long time, delaying testing and merges of more important patches.10:38
ssbarnea|roverprobably this is not a real attack, but is not an unique example, seen lots of similar ones and almost always from China users (based on names or emails).10:39
*** v12aml has joined #openstack-security10:52
*** Bhujay has joined #openstack-security10:53
*** openstackgerrit has joined #openstack-security10:56
openstackgerritAlexandra Settle proposed openstack/security-doc master: add info about expired tokens validation  https://review.openstack.org/61487110:56
fungisean-k-mooney: sorry, i missed your question from tuesday until just now... which bug?12:33
*** Bhujay has quit IRC12:34
*** Bhujay has joined #openstack-security12:35
*** Bhujay has quit IRC12:36
*** Bhujay has joined #openstack-security12:36
fungissbarnea|rover: it's not a real attack as 1. the individuals in question are almost certainly unaware of the test impact of their actions (just looking to contribute and don't know how to be productive), 2. zuul/gerrit admins can easily dequeue and/or abandon their changes if needed, and 3. if we ask them to stop and they don't then we can disable their accounts and reach out to their employers12:37
*** Bhujay has quit IRC12:37
fungirecently the majority of those seem to have been coming from employees of 99cloud (a china-based company), yes12:38
ssbarnea|roverso a message should be enough.12:39
fungiyes, we've had the first contact sig reaching out to individuals like that and trying to find them more productive work12:39
ssbarnea|rovermaybe they boss set a quota for number of reviews? or they want to boos https://www.stackalytics.com stats :D12:40
*** Bhujay has joined #openstack-security12:40
fungithat's been one of the more cynical assertions, yes12:40
fungiyou certainly wouldn't be the first to suggest that possibility anyway12:40
ssbarnea|roverwow, it seems to be working, they are no3 :D12:40
*** Bhujay has quit IRC12:42
ssbarnea|roverfungi: we can close the subject. i have practical things to fix.12:42
fungiindeed ;)12:42
*** irclogbot_2 has quit IRC12:48
*** irclogbot_2 has joined #openstack-security12:58
*** irclogbot_2 has quit IRC13:12
*** irclogbot_2 has joined #openstack-security13:27
*** edmondsw_ has joined #openstack-security13:27
*** edmondsw has quit IRC13:29
*** edmondsw_ is now known as edmondsw13:29
*** irclogbot_2 has quit IRC13:35
*** irclogbot_2 has joined #openstack-security13:49
*** Luzi has quit IRC15:33
*** jaosorior has quit IRC15:56
*** dave-mccowan has joined #openstack-security16:28
*** macza has joined #openstack-security16:28
*** dave-mccowan has quit IRC16:31
*** robbbe has joined #openstack-security17:44
*** robbbe has quit IRC19:19
*** pcaruana has quit IRC20:09
*** irclogbot_2 has quit IRC20:37
*** irclogbot_2 has joined #openstack-security20:48
openstackgerritMerged openstack/security-doc master: add info about expired tokens validation  https://review.openstack.org/61487120:52
*** openstackgerrit has quit IRC20:56
*** threestrands has joined #openstack-security21:36
*** rcernin has joined #openstack-security22:02
*** threestrands has quit IRC23:04
*** threestrands has joined #openstack-security23:56
« Wednesday, 2019-01-16 Index Friday, 2019-01-18 »

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!