Tuesday, 2014-08-26

*** bknudson has joined #openstack-security00:04
*** tmcpeak has quit IRC00:23
*** amrith has left #openstack-security00:29
*** bdpayne has joined #openstack-security02:20
*** dmccowan has quit IRC03:36
*** gnef has joined #openstack-security04:52
*** gnef has quit IRC04:52
*** gnef has joined #openstack-security04:53
*** gnef has quit IRC04:53
*** gnef has joined #openstack-security04:53
*** gnef has quit IRC04:54
*** voodookid has joined #openstack-security04:55
*** voodookid has quit IRC05:47
*** bdpayne has quit IRC05:50
*** bdpayne has joined #openstack-security05:54
openstackgerritA change was merged to openstack/security-doc: Improve wording of Object Storage chapter para  https://review.openstack.org/11515206:36
openstackgerritA change was merged to openstack/security-doc: Adding Server section and FIM to integrity lifestyle  https://review.openstack.org/11669706:36
*** bdpayne has quit IRC06:59
openstackgerritOpenStack Proposal Bot proposed a change to openstack/security-doc: Updated from openstack-manuals  https://review.openstack.org/11681307:27
*** jamielennox is now known as jamielennox|away08:03
*** fishcried has joined #openstack-security08:21
*** fishcried has quit IRC08:30
*** fishcried has joined #openstack-security08:31
*** fishcried has left #openstack-security08:32
*** fishcried has joined #openstack-security08:32
*** fishcried has quit IRC08:33
*** fishcried has joined #openstack-security08:49
*** fishcried has quit IRC08:53
*** fishcried has joined #openstack-security08:54
*** fishcried has quit IRC10:04
*** dmccowan has joined #openstack-security12:13
*** dmccowan has quit IRC12:19
*** dmccowan has joined #openstack-security12:20
*** kaliya has joined #openstack-security12:57
*** dmccowan_ has joined #openstack-security13:04
*** dmccowan has quit IRC13:05
*** dmccowan_ is now known as dmccowan13:05
*** bknudson has quit IRC13:06
*** nkinder has quit IRC13:18
*** voodookid has joined #openstack-security13:25
*** dmccowan has quit IRC13:36
*** voodookid has quit IRC13:52
*** dmccowan has joined #openstack-security13:54
*** bknudson has joined #openstack-security14:10
*** nkinder has joined #openstack-security14:12
*** gnef has joined #openstack-security14:50
*** voodookid has joined #openstack-security15:00
*** dmccowan has quit IRC15:30
*** tmcpeak has joined #openstack-security15:33
*** bdpayne has joined #openstack-security16:12
*** nkinder has quit IRC16:41
bdpayneI think we need some security people in this deck: http://www.metacloud.com/voting-ends-friday-people-openstack-card-deck-sneak-peek/17:11
*** rlpple has joined #openstack-security17:18
*** rlpple has quit IRC17:21
*** rlpple has joined #openstack-security17:21
*** dmccowan has joined #openstack-security17:25
*** bdpayne has quit IRC18:04
*** nkinder has joined #openstack-security18:04
*** bdpayne has joined #openstack-security18:04
*** dmccowan has quit IRC18:49
tmcpeakhey guys, want to share a design session?  looks like there are only 6-919:12
tmcpeakI'd like to do some gate test stuff, but doubt that would be enough to fill one of those slots alone19:12
tmcpeak"The wonderful things OSSG does for YOU"19:13
tmcpeak1) OSSN19:13
tmcpeak2) the guide19:13
tmcpeak3) threat modeling19:13
tmcpeak4) gate testing19:13
tmcpeakhyakuhei_ nkinder bdpayne19:15
nkindertmcpeak: I do think gate tests should be at least a part of a session19:16
tmcpeakyeah, they will be imminently useful going forward I think19:16
tmcpeakI'm working on building out Bandit19:16
tmcpeakgoing to add sudo without rootwrap tests soon19:17
nkindertmcpeak: cool, what are you adding right now?19:17
bdpayneperhaps session on secure coding best practices19:17
tmcpeakbdpayne: +119:17
nkinderbdpayne: +1  That's a full session IMHO19:17
bdpayneyeah, it is19:17
bdpaynethe issue that I have19:17
bdpayneis that it isn't really a design session per se19:17
tmcpeakit isn't?19:17
bdpaynethey tend to frown on people just getting up there and talking the whole time19:17
bdpaynethey typically go for no slides, and lots of white board / etherpad collaboration19:18
bdpaynethough I think it would be valuable19:18
nkindertmcpeak: I would suggest running bandit against other python projects.  I found a crash in bandit's wildcard injection test when running it against FreeIPA last week.19:18
bdpaynemight be worth chatting with someone like Thierry about it19:18
tmcpeaknkinder: I found the same one Friday :) you beat me to a patch by about 3 days19:18
nkinderYeah, design sessions are typically collaborative19:18
tmcpeakwell then getting gate tests integrated into whatever project you hold close to your heart would be good for one, right?19:19
nkindertmcpeak: yes, though I hope to have that done before the summit19:20
tmcpeakit sounds like description is "do things to help prepare for Kilo"19:20
tmcpeakso maybe we could do a wrap up by then, which projects don't have them yet and why not19:20
tmcpeakdo things to prepare for Kilo: btw guys, here you you write secure code.  Start doing it, mkay?19:21
tmcpeak*here's how19:22
tmcpeakmy summit talk didn't make it so I dunno if I'll be there or not, but I'd love to help anyway19:23
*** use has joined #openstack-security19:30
*** use has quit IRC19:30
*** dmccowan has joined #openstack-security19:45
*** dmccowan_ has joined #openstack-security19:49
*** dmccowan has quit IRC19:49
*** dmccowan_ is now known as dmccowan19:49
*** gnef has quit IRC20:29
tmcpeakhey, do we have a preferred way to create file permissions?20:36
*** HimechiSama has joined #openstack-security20:41
*** HimechiSama has quit IRC20:41
*** rlpple has quit IRC20:58
*** bknudson has quit IRC22:13
*** chair6_ has joined #openstack-security22:21
*** chair6 has quit IRC22:22
*** tmcpeak has quit IRC22:23
*** openstackgerrit has quit IRC22:43
*** tmcpeak has joined #openstack-security22:58
tmcpeakbdpayne: what's the haps with the ops?22:58
tmcpeakthe reign of terror of Gabriela appears to have subsided momentarily, but it's probably just regaining strength22:59
bdpaynetmcpeak Not clear... someone thought they added me, but I don't have privs23:00
bdpaynewe'll sort it out eventually23:00
tmcpeakcan you +o yourself?23:01
bdpayneyou say that like I know what you mean :-)23:03
bdpayneseriously though... what does that mean?23:03
tmcpeakbdpayne: there are commands23:03
tmcpeakbdpayne: let me dig it up23:03
tmcpeakbdpayne: /mode #mychan +oooo nick1 nick2 nick3 nick423:04
*** voodookid has quit IRC23:04
bdpayneSo I got "#openstack-security You're not a channel operator"23:07
tmcpeakbdpayne: how about this: /msg ChanServ ACCESS #openstack-security ADD bdpayne FOUNDER23:10
tmcpeakfrom this page: http://wiki.foonetic.net/wiki/ChanServ_Commands23:10
bdpayne"You are not allowed to set +FRis on bdpayne in #openstack-security."23:11
bdpayneit looks like I'm just a regular guy23:11
tmcpeakdo the same with SOP instead of FOUNDER23:11
bdpaynestill no go23:14
*** Abby has joined #openstack-security23:15
*** Abby is now known as Guest8293023:15
nkinderbdpayne: I ran the command from the review, and I can see that you are on some admin list23:16
*** Guest82930 has quit IRC23:16
nkinderbdpayne: 11    bdpayne                +Afortv [modified 21 hours, 8 minutes, 8 seconds ago]23:16
nkinderbdpayne: don't use FOUNDER23:17
bdpayneI tried SOP too, same result23:18
tmcpeakwell, going down the line we have "AOP"23:19
tmcpeakthat's the minimum for AutoOP which we want23:19
nkinderyeah, AOP seems right23:19
bdpayneAOP didn't give me an error23:28
bdpayneI may need to log out and in to get the privs?23:28
tmcpeakbdpayne: yeah23:29
tmcpeakor even just leave the channel and come back should do it23:30
*** fishcried has joined #openstack-security23:30
*** bdpayne has quit IRC23:33
*** bdpayne has joined #openstack-security23:34
bdpaynehrm, still no privs23:35
*** bknudson has joined #openstack-security23:37
*** fishcried has quit IRC23:37
*** fishcried has joined #openstack-security23:38
tmcpeakbdpayne: strange23:40
tmcpeakbdpayne: can you run this: /cs set #channel xop on23:41
bdpayneinvalid command23:42
tmcpeakhmm, ok23:42
tmcpeakbdpayne: /cs aop #channel add nickname23:42
bdpaynes: /cs set #openstack-security xop on23:45
bdpayneyeah, still seeing invalid commands23:46

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!