Tuesday, 2020-11-17

*** tosky has quit IRC [00:06]
<gmann> o/ [01:04]
*** iurygregory has quit IRC [01:32]
*** johnsom has quit IRC [04:46]
*** johnsom has joined #openstack-tc [04:49]
*** johnsom has quit IRC [05:18]
*** johnsom has joined #openstack-tc [05:19]
*** aprice has quit IRC [05:27]
*** aprice has joined #openstack-tc [05:27]
*** evrardjp has quit IRC [05:33]
*** evrardjp has joined #openstack-tc [05:33]
*** njohnston has quit IRC [06:03]
*** johnsom has quit IRC [06:27]
*** johnsom has joined #openstack-tc [06:27]
*** rm_work has quit IRC [07:26]
*** rm_work has joined #openstack-tc [07:28]
*** ralonsoh has joined #openstack-tc [07:43]
*** gagehugo has quit IRC [07:51]
*** gagehugo has joined #openstack-tc [07:51]
*** slaweq has joined #openstack-tc [07:58]
*** rpittau|afk is now known as rpittau [08:05]
*** dklyle has quit IRC [08:06]
*** iurygregory has joined #openstack-tc [08:52]
*** tosky has joined #openstack-tc [08:56]
*** e0ne has joined #openstack-tc [11:08]
*** slaweq has quit IRC [11:56]
*** slaweq has joined #openstack-tc [11:57]
*** ianychoi_ has quit IRC [12:10]
*** lpetrut has joined #openstack-tc [12:24]
*** Luzi has joined #openstack-tc [12:36]
*** njohnston has joined #openstack-tc [14:02]
<ricolin> o/ [14:06]
*** Luzi has quit IRC [14:18]
<gmann> o/ [14:24]
*** lbragstad__ has quit IRC [14:37]
*** lbragstad has joined #openstack-tc [14:40]
<gmann> 5 projects left for gerrit breach audit. Zun did but did not update on ML yet so i asked hongbin to do that. [14:52]
<gmann> keystone might have done it. knikolla ? [14:53]
<gmann> knikolla: this one https://etherpad.opendev.org/p/code-audit-gerrit-breach-tracker [14:53]
*** lpetrut has quit IRC [15:16]
*** dklyle has joined #openstack-tc [15:34]
<knikolla> gmann: sorry, i just responded to the mailing list mail saying i did it and all looks good. [15:59]
*** bnemec has quit IRC [16:16]
<fungi> looks like chef and zun can be crossed off too [16:23]
<fungi> the responses for those were caught in the ml moderation queue [16:24]
<knikolla> fungi: does the methodology i used in https://docs.google.com/spreadsheets/d/1m_ggjfZZpzInLrfN9p4dDuv7EkigrERGBlqN3jxnBeE/edit#gid=332092178 look good for the purposes of the audit? [16:24]
<gmann> knikolla: thanks [16:27]
<fungi> knikolla: it's probably overkill. we already scripted a complete check that all the git commit ids belong to merged changes in gerrit [16:28]
<fungi> but yeah, looking at the approvers and patch content is relevant [16:28]
*** iurygregory has quit IRC [16:29]
<knikolla> there were only 3 changes, so it wasn't that much to do [16:29]
<fungi> that was the case for a lot of projects since it happened during release freeze [16:29]
<fungi> (lukcily) [16:30]
<fungi> (er, luckily) [16:30]
<fungi> basically we did a bunch of analysis (before we turned anything back on) and ruled out the possibility that commits might have been pushed directly into the repositories bypassing review/gating, and that any changes to group membership allowed accounts to approve changes when they shouldn't have been able to, what we couldn't rule out is that someone's account gerrit rest api credentials were used to [16:34]
<fungi> review/approve changes without their knowledge [16:34]
<fungi> so that's basically what projects needed to be on the lookout for: changes they didn't remember reviewing/approving but gerrit says they did [16:35]
<knikolla> Got it! Makes sense. [16:47]
*** bnemec has joined #openstack-tc [16:50]
*** iurygregory has joined #openstack-tc [17:19]
*** e0ne has quit IRC [17:22]
*** rpittau is now known as rpittau|afk [17:27]
*** cloudnull is now known as kecarter [18:36]
*** kecarter is now known as cloudnull [18:36]
*** smcginnis has quit IRC [20:24]
*** smcginnis has joined #openstack-tc [21:59]
*** ralonsoh has quit IRC [22:03]
*** slaweq has quit IRC [23:21]
*** tosky has quit IRC [23:58]
