Wednesday, 2014-09-03

*** nkinder has joined #openstack-security [00:03]
<tmcpeak> Mr. nkinder [00:03]
<tmcpeak> you got a minute? [00:03]
<nkinder> tmcpeak: yeah, what's up [00:04]
<nkinder> though the "Mr." makes me think you might be a bot... :) [00:05]
<tmcpeak> how do you feel about this for config file format: [00:05]
<tmcpeak> haha [00:05]
<tmcpeak> HOLA [00:05]
<nkinder> did I win the lottery? [00:05]
<tmcpeak> profiles: [00:05]
<tmcpeak>     Generic: [00:05]
<tmcpeak>         include: none [00:05]
<tmcpeak>         exceptions: [00:05]
<tmcpeak>             - test_bad_names [00:05]
<tmcpeak>             - test_chmod [00:05]
<tmcpeak>     OpenStack: [00:05]
<tmcpeak>         include: all [00:05]
<tmcpeak> so Generic just runs test_bad_names and test_chmod [00:05]
<tmcpeak> OpenStack runs everything [00:05]
*** voodookid has joined #openstack-security [00:05]
<tmcpeak> then you could do default include or exclude [00:05]
<nkinder> so exceptions are exceptions to what is in include? [00:06]
<tmcpeak> yep [00:06]
<nkinder> can include list individual tests? [00:06]
<tmcpeak> the way I'm thinking no [00:06]
<tmcpeak> if you want to do individual tests you either include all or exclude all and then make exceptions [00:07]
<tmcpeak> but if that's confusing I'm down to rethink it [00:07]
<nkinder> ok, that's slightly counter intuitive, but works [00:07]
<tmcpeak> counter intuitive is bad, mkay? [00:07]
<nkinder> why not "includes" and "excludes"? [00:07]
<tmcpeak> I just don't want to get into some logic puzzle if they put both [00:07]
<nkinder> includes is "all" if not specified, and "excludes" is "none" if not specified [00:08]
<tmcpeak> so if they put nothing, what's the behavior [00:08]
<nkinder> all [00:08]
<tmcpeak> I see [00:08]
<nkinder> and if I put one test in "includes", that's all it runs [00:08]
<tmcpeak> so then if you only want to run 2 tests you have to specifically exclude each test? [00:08]
<nkinder> and if I just put one test in "excludes", it runs everything but that [00:08]
<nkinder> no, just list those two in "includes" [00:09]
<tmcpeak> ok, what if I put one test in includes and one test in excludes [00:09]
<nkinder> same test or different? [00:09]
<tmcpeak> different [00:09]
<nkinder> if different, then it only runs the one in includes [00:09]
<nkinder> because it wasn't excluded in the first place [00:09]
<tmcpeak> so includes runs first, makes a list [00:09]
<nkinder> from a logic/code standpoint you build up the included tests, then subtract the excluded tests [00:09]
<tmcpeak> and then excludes subtracts things from that list [00:09]
<tmcpeak> ok cool [00:10]
<tmcpeak> yeah got it [00:10]
<tmcpeak> that makes sense [00:10]
<nkinder> if an excluded test was never in the list, it's a no-op [00:10]
<tmcpeak> and includes: some test [00:10]
<tmcpeak> excludes: all [00:10]
<tmcpeak> means nothing runs [00:10]
<tmcpeak> because all is subtracted from the one that would have run [00:10]
<tmcpeak> ok, what about if nothing is listed [00:10]
<tmcpeak> default include everything? [00:10]
<tmcpeak> btw nkinder: new bandit up [00:12]
<tmcpeak> https://github.com/chair6/bandit [00:12]
<nkinder> tmcpeak: cool! in your github fork? [00:12]
<tmcpeak> includes decorator change [00:12]
<tmcpeak> no, Jamie's [00:12]
<nkinder> nothing included == run everything [00:12]
<tmcpeak> I'll forewarn you, there was some minor f'ery with my check in [00:12]
<tmcpeak> but neither of us had the chops to instantly know how to fix it and didn't want to bother [00:12]
<tmcpeak> hence the description 'Merge of…' in the description [00:13]
<tmcpeak> but yeah, newest changes in :) [00:13]
<tmcpeak> so nkinder: [00:19]
<tmcpeak> Generic: [00:19]
<tmcpeak>         include: all [00:19]
<tmcpeak>         exclude: [00:19]
<tmcpeak>             - test_bad_names [00:19]
<tmcpeak>             - test_chmod [00:19]
<tmcpeak> the include: all here is not even necessary [00:19]
*** voodookid has quit IRC [00:19]
<tmcpeak> since default is going to be include all [00:19]
<tmcpeak> right? [00:19]
<nkinder> tmcpeak: yeah, but you don't even need to specify include [00:19]
<nkinder> "all" should be an implicit default [00:19]
<tmcpeak> right [00:19]
<tmcpeak> ok cool [00:19]
<nkinder> if you want to set it explicitly, that's fine too of course [00:19]
<tmcpeak> cool [00:20]
<tmcpeak> what if you say [00:20]
<tmcpeak> include: [00:20]
<tmcpeak> - all [00:20]
<tmcpeak> - test_bad_names [00:20]
<tmcpeak> then it should somehow know to just do all [00:20]
<tmcpeak> yeah, nevermind, that's easy [00:20]
<tmcpeak> nkinder: what do you think of those newest bandit changes? [00:20]
<tmcpeak> I think the auto discover is pretty slick ;) [00:21]
<nkinder> tmcpeak: looks good.  I'll try to give it a run through this week [00:22]
<tmcpeak> nkinder: cool [00:23]
*** dmccowan has joined #openstack-security [00:39]
*** dmccowan_ has joined #openstack-security [00:43]
*** dmccowan has quit IRC [00:44]
*** dmccowan_ is now known as dmccowan [00:44]
*** tmcpeak has quit IRC [00:46]
*** bknudson has joined #openstack-security [01:18]
*** voodookid has joined #openstack-security [01:38]
*** voodookid has quit IRC [02:11]
*** voodookid has joined #openstack-security [02:15]
*** bdpayne has joined #openstack-security [02:22]
*** voodookid has quit IRC [02:23]
*** amrith is now known as amrith__ [02:25]
*** dmccowan has quit IRC [02:37]
*** dmccowan has joined #openstack-security [02:38]
*** dmccowan has quit IRC [03:16]
*** zz_naotok is now known as naotok [03:22]
*** artrex has joined #openstack-security [03:35]
*** artrex has quit IRC [03:39]
*** bdpayne has quit IRC [03:53]
*** voodookid has joined #openstack-security [03:53]
*** bdpayne has joined #openstack-security [03:54]
*** bdpayne has quit IRC [04:45]
*** voodookid has quit IRC [04:45]
*** bdpayne has joined #openstack-security [05:24]
<openstackgerrit> OpenStack Proposal Bot proposed a change to openstack/security-doc: Imported Translations from Transifex  https://review.openstack.org/118540 [06:01]
*** bdpayne has quit IRC [06:02]
<openstackgerrit> A change was merged to openstack/security-doc: Imported Translations from Transifex  https://review.openstack.org/118540 [06:48]
<openstackgerrit> OpenStack Proposal Bot proposed a change to openstack/security-doc: Updated from openstack-manuals  https://review.openstack.org/118488 [07:20]
*** salv-orlando has joined #openstack-security [08:41]
<openstackgerrit> A change was merged to openstack/security-doc: Add project and service names to glossary  https://review.openstack.org/118412 [09:39]
<openstackgerrit> A change was merged to openstack/security-doc: Updated from openstack-manuals  https://review.openstack.org/118488 [09:43]
*** amrith__ is now known as amrith [10:17]
*** naotok is now known as zz_naotok [10:41]
*** dmccowan has joined #openstack-security [12:20]
*** amrith is now known as _amrith_ [12:28]
*** dmccowan_ has joined #openstack-security [12:30]
*** dmccowan has quit IRC [12:32]
*** dmccowan_ is now known as dmccowan [12:32]
*** _amrith_ is now known as amrith [13:10]
*** nkinder has quit IRC [13:11]
*** bknudson has quit IRC [13:26]
*** bknudson has joined #openstack-security [13:44]
*** dmccowan has quit IRC [13:48]
*** nkinder has joined #openstack-security [13:58]
*** dmccowan has joined #openstack-security [14:01]
*** voodookid has joined #openstack-security [14:07]
*** voodookid has quit IRC [14:30]
*** c633 has joined #openstack-security [14:32]
<c633> hello [14:32]
*** c633 has quit IRC [14:43]
*** voodookid has joined #openstack-security [14:51]
*** bdpayne has joined #openstack-security [15:13]
*** dmccowan has quit IRC [15:37]
*** dmccowan has joined #openstack-security [15:43]
*** tmcpeak has joined #openstack-security [15:50]
*** bdpayne has quit IRC [15:57]
*** bdpayne has joined #openstack-security [15:59]
*** sweston_ has joined #openstack-security [16:03]
*** chair6_ has joined #openstack-security [16:03]
*** sweston has quit IRC [16:08]
*** erw has quit IRC [16:08]
*** Glass_saga_ has quit IRC [16:08]
*** chair6 has quit IRC [16:08]
*** sweston_ is now known as sweston [16:08]
*** erw_ has joined #openstack-security [16:09]
*** Glass_saga_ has joined #openstack-security [16:09]
*** bdpayne_ has joined #openstack-security [16:17]
*** bdpayne has quit IRC [16:21]
*** chair6_ has quit IRC [16:40]
*** chair6 has joined #openstack-security [16:41]
*** bdpayne_ has quit IRC [16:44]
*** bdpayne has joined #openstack-security [17:08]
*** bdpayne has quit IRC [17:10]
*** bdpayne has joined #openstack-security [17:10]
*** tmcpeak has quit IRC [17:11]
*** tmcpeak has joined #openstack-security [17:13]
<tmcpeak> so bdpayne: never were we to acquire ops, huh? [17:17]
<bdpayne> not so much [17:38]
<bdpayne> :-( [17:38]
<tmcpeak> bdpayne: want help? [17:39]
<tmcpeak> bdpayne: I can try to track down somebody and wave my hands [17:39]
<bdpayne> I think it is just a matter of me finding the right people to pester [17:39]
<bdpayne> I appreciate the offer though [17:39]
<paulmo> HOLA &@8! :) [17:39]
<tmcpeak> haha [17:40]
<tmcpeak> bdpayne: ok, let me know if you get sick of it and want me to take a turn [17:40]
<bdpayne> ok [17:41]
<bdpayne> I just commented on the CR again [17:41]
<tmcpeak> bdpayne: cool [17:52]
<tmcpeak> nkinder: you around? [17:52]
<nkinder> tmcpeak: yep [17:52]
<tmcpeak> nkinder: I'm wondering if it's important to support stupidity in these profiles [17:52]
<nkinder> such as? [17:52]
<tmcpeak> a user can say include: all [17:52]
<tmcpeak> which includes all tests even though it isn't required, default is include [17:53]
<tmcpeak> that's fine [17:53]
<tmcpeak> but [17:53]
<tmcpeak> do I need to support exclude: all [17:53]
<tmcpeak> which makes the test do nothing [17:53]
<nkinder> tmcpeak: probably not [17:53]
<tmcpeak> nkinder: ok cool, I was thinking the same [17:53]
<nkinder> there's no value in spending time on that [17:53]
<tmcpeak> yeah, I mean it isn't much time, it just makes the code slightly less nice and doesn't add anything [17:54]
<tmcpeak> nkinder: ok cool, was thinking the time.   Just wanted validation ;) [17:54]
<tmcpeak> thinking the *sam [18:17]
<tmcpeak> e [18:17]
<tmcpeak> can't type or think functionally today apparently :D [18:17]
*** tmcpeak has quit IRC [18:28]
<openstackgerrit> OpenStack Proposal Bot proposed a change to openstack/security-doc: Updated from openstack-manuals  https://review.openstack.org/118747 [19:03]
*** tmcpeak has joined #openstack-security [19:42]
<openstackgerrit> OpenStack Proposal Bot proposed a change to openstack/security-doc: Updated from openstack-manuals  https://review.openstack.org/118747 [19:53]
<tmcpeak> nkinder: new Bandit agin [20:03]
<tmcpeak> again [20:03]
<tmcpeak> now with profiles and yaml config [20:03]
<tmcpeak> in my branch [20:03]
<tmcpeak> here's changes if you want to see them: https://github.com/mcpeak/bandit/compare/chair6:master...master [20:03]
<tmcpeak> a little code review would be good if you've got time [20:03]
<chair6> looks good to me! glad somebody has time to spend on this... :) [20:15]
*** tmcpeak has quit IRC [20:22]
*** tmcpeak has joined #openstack-security [20:27]
<dmccowan> Hello OSSG.  I have a background in security and I'm new to OpenStack.  I'd like to contribute a security related patch to OpenStack before the summit.  Does anyone have a bug on their backlog that they'd be willing to hand off to a newbie? [20:33]
*** dmccowan has quit IRC [20:43]
<tmcpeak> hmm, missed him [21:00]
<tmcpeak> I just got a fresh batch of goodness I could have sent his way [21:00]
*** ChanServ sets mode: +o bdpayne [21:09]
* bdpayne is now an op... please be nice ya'll [21:10]
<tmcpeak> woah [21:11]
<tmcpeak> bdpayne: woahhhh [21:11]
<tmcpeak> THA POWAAAAAAA [21:11]
<tmcpeak> bdpayne: what did you have to do (out of curiosity)? [21:13]
<bdpayne> "chanserv op #openstack-security bdpayne" [21:14]
<bdpayne> which... I thought we did the other day [21:14]
<bdpayne> but it worked today [21:14]
<tmcpeak> yeah, that looks familiar [21:14]
*** tmcpeak has quit IRC [21:17]
*** tmcpeak has joined #openstack-security [21:20]
*** gabriela2 has joined #openstack-security [21:27]
*** gabriela2 has left #openstack-security [21:28]
<tmcpeak> woah, just in time [21:39]
<tmcpeak> gabriela is back! [21:39]
<tmcpeak> nkinder: around? [21:53]
<openstackgerrit> Travis McPeak proposed a change to openstack/security-doc: Adding OSSN-0026: Unrestricted write permission to config files can allow code execution  https://review.openstack.org/118910 [21:59]
*** tmcpeak has quit IRC [22:05]
*** nkinder has quit IRC [22:10]
*** openstack has joined #openstack-security [22:11]
*** nkinder has joined #openstack-security [22:26]
*** bknudson has quit IRC [22:41]
*** nkinder has quit IRC [22:53]
*** voodookid has quit IRC [23:06]
*** dmccowan has joined #openstack-security [23:18]
*** tmcpeak has joined #openstack-security [23:21]
*** dmccowan_ has joined #openstack-security [23:22]
*** dmccowan has quit IRC [23:22]
*** dmccowan_ is now known as dmccowan [23:22]
<tmcpeak> hey dmccowan: has anybody responded to you yet? [23:22]
<dmccowan> not yet, but I was offline for a while [23:22]
<tmcpeak> ok, I've got to run but we can definitely get you set up for some work [23:23]
<tmcpeak> welcome to OSSG btw [23:23]
<dmccowan> thank you [23:23]
<tmcpeak> cool, want to come on tomorrow during the day sometime? [23:26]
<dmccowan> sure, i'll be logged in most of EDT hours.  I'll try to remember to check.  or let me know if you want to set a specific time. [23:27]
<tmcpeak> sure, EDT is fine.  Just ping me sometime you see me on and I'll get you set up with something [23:28]
<dmccowan> that's great.  thanks! [23:29]
<tmcpeak> cool, np [23:29]
<tmcpeak> later [23:29]
*** tmcpeak has quit IRC [23:31]
*** nkinder has joined #openstack-security [23:51]
