Wednesday, 2015-08-12

« Tuesday, 2015-08-11 Index Thursday, 2015-08-13 »
*** elo has quit IRC00:01
*** tmcpeak has quit IRC00:43
*** browne1 has quit IRC00:45
*** lexholden has quit IRC00:49
*** elo1 has quit IRC01:00
*** elo has joined #openstack-security01:29
*** elo has quit IRC01:36
*** alexis3 has joined #openstack-security01:47
alexis3yes01:47
alexis3yes01:47
alexis3ys01:47
alexis3yes01:48
alexis3fffffffffffffffffffffffffffffffffffffffffffffffffffffffff01:48
alexis3ffffffffffffffffffffffffffffffffffffff01:48
alexis3aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa01:48
alexis3aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa01:48
alexis3aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa01:48
alexis3aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa01:48
alexis3aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa01:48
alexis3aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa01:48
alexis3aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa01:48
alexis3aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa01:48
alexis3aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa01:48
alexis3aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa01:48
alexis3aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa01:48
alexis3aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa01:48
alexis3aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa01:48
alexis3zaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa01:48
alexis3l01:48
*** alexis3 has left #openstack-security01:48
*** bknudson has quit IRC01:51
*** alejandrito has quit IRC01:55
*** y_sawai has joined #openstack-security02:14
*** tkelsey has joined #openstack-security02:34
*** tkelsey has quit IRC02:38
*** browne has joined #openstack-security02:39
*** sdake_ has joined #openstack-security03:35
*** sdake has quit IRC03:39
*** sdake_ is now known as sdake03:46
*** elo has joined #openstack-security04:05
*** elo1 has joined #openstack-security04:09
*** elo has quit IRC04:10
*** elo has joined #openstack-security04:17
*** elo2 has joined #openstack-security04:20
*** elo1 has quit IRC04:21
*** elo has quit IRC04:24
*** elo2 has quit IRC04:30
*** elo1 has joined #openstack-security04:30
openstackgerritAndreas Jaeger proposed openstack/security-doc: Moving RST format to main security-guide folder  https://review.openstack.org/21176604:36
openstackgerritAndreas Jaeger proposed openstack/security-doc: Moving RST format to main security-guide folder  https://review.openstack.org/21176604:51
*** elo has joined #openstack-security04:53
*** elo1 has quit IRC04:57
openstackgerritAndreas Jaeger proposed openstack/security-doc: Moving RST format to main security-guide folder  https://review.openstack.org/21176605:00
openstackgerritAndreas Jaeger proposed openstack/security-doc: Remove initial warning  https://review.openstack.org/21184705:26
*** browne has quit IRC06:07
*** shohel has joined #openstack-security06:22
*** sdake_ has joined #openstack-security06:35
*** sdake has quit IRC06:39
*** alex_klimov has joined #openstack-security07:03
*** alex_klimov has joined #openstack-security07:04
*** ig0r_ has joined #openstack-security07:14
openstackgerritOpenStack Proposal Bot proposed openstack/security-doc: Updated from openstack-manuals  https://review.openstack.org/21187707:29
*** ig0r__ has joined #openstack-security07:38
*** ig0r_ has quit IRC07:41
*** sdake_ has quit IRC08:04
*** ig0r__ has quit IRC08:13
*** ig0r_ has joined #openstack-security08:17
*** ig0r_ has quit IRC08:19
*** tkelsey has joined #openstack-security08:26
openstackgerritAndreas Jaeger proposed openstack/security-doc: Remove glossary  https://review.openstack.org/21190408:47
openstackgerritAndreas Jaeger proposed openstack/security-doc: Remove DocBook glossary  https://review.openstack.org/21190408:48
openstackgerritMerged openstack/security-doc: Updated from openstack-manuals  https://review.openstack.org/21187708:51
*** lexholden has joined #openstack-security08:52
*** lexholden has quit IRC08:53
*** lexholden has joined #openstack-security08:54
*** b10n1k has joined #openstack-security08:57
*** b10n1k has quit IRC10:09
*** ig0r_ has joined #openstack-security10:09
*** lexholden has quit IRC10:28
*** yuanying has quit IRC10:30
*** yuanying has joined #openstack-security10:30
*** Dorfen has joined #openstack-security10:36
*** b10n1k has joined #openstack-security10:37
*** elo has quit IRC10:39
*** b10n1k has quit IRC10:45
*** ig0r_ has quit IRC10:46
*** lexholden has joined #openstack-security11:24
*** shohel has quit IRC11:34
*** shohel has joined #openstack-security11:34
*** dave-mccowan has quit IRC12:12
*** shohel has quit IRC12:28
*** shohel has joined #openstack-security12:28
*** edmondsw has joined #openstack-security12:41
*** elmiko has joined #openstack-security13:06
*** singlethink has joined #openstack-security13:15
*** edmondsw has quit IRC13:24
*** singleth_ has joined #openstack-security13:30
*** singlethink has quit IRC13:33
*** tmcpeak has joined #openstack-security13:43
*** edmondsw has joined #openstack-security13:52
*** sdake_ has joined #openstack-security14:00
*** dave-mccowan has joined #openstack-security14:01
tmcpeakDaviey, tkelsey, browne: today is the day14:06
tkelseytmcpeak: :)14:06
tmcpeakI guess we can wait for browne to finish up his in flight change, then we'll merge that, do some testing and push 0.13.1 today14:07
Davieytmcpeak: i just saw the 2!14:08
Daviey+A*14:09
DavieyOh.. wrong thread.14:09
tmcpeak:D14:09
Daviey(sec-guide RST conversion switchover just got +A.)14:09
tmcpeakahh14:09
Davieytmcpeak: I'm still not quite sure 0.13.1 is needed :)14:10
tmcpeakI'm on the fence14:10
tmcpeakif we do a 0.13.1 though than the Cinder tox thing (and others) will look better in light of missing profiles14:10
DavieyRelease Early, Release Often I guess..14:10
tmcpeakso since it isn't so much effort I'm thinking JFDI is in order14:10
DavieyJFDI++14:10
tmcpeakalso tkelsey is going to pick up the docs again and we'll definitely want to wait on new version until those are done, so it could be a while14:11
Davieytkelsey is a docs machine!14:11
tmcpeakhe is!14:11
*** voodookid has joined #openstack-security14:12
openstackgerritMerged openstack/security-doc: Moving RST format to main security-guide folder  https://review.openstack.org/21176614:12
tkelseySo, I dropped a -1 on https://review.openstack.org/#/c/210806/ but it is very close to merging I think14:12
tkelseyjust tweaks needed14:13
tmcpeakcool, yeah I think he was going to make a couple of changes anyway14:13
*** elo has joined #openstack-security14:13
*** sigmavirus24_awa is now known as sigmavirus2414:13
tkelseyso im going to resume docs stuff now, probs for 0.14, so i'll leave the WIP on them till 0.13.1 is done14:15
tkelseyif it gets done14:15
tmcpeakok cool14:15
tmcpeaktkelsey: it will get done14:15
tmcpeakI'm going to push it today14:16
tkelseycool14:16
openstackgerritArvind Somya proposed openstack/security-doc: Networking services in OpenStack Security Guide  - Rewrite for clarity  https://review.openstack.org/21169914:16
*** yaya has joined #openstack-security14:21
*** jmckind has joined #openstack-security14:26
*** tkelsey has quit IRC14:28
*** tkelsey has joined #openstack-security14:28
*** tjt263 has quit IRC14:35
*** jmckind has quit IRC14:44
*** yaya has quit IRC14:54
*** sicarie has joined #openstack-security14:57
*** browne has joined #openstack-security14:58
tmcpeakmr. browne14:58
tmcpeakgood morning14:58
tmcpeakI'd like to get 0.13.1 up today, and get your new plugin in it14:58
sigmavirus24tmcpeak: new plugins should be 0.14.014:59
sigmavirus240.13.1 should be bug fixes only14:59
tmcpeaksigmavirus24: hmm solid point15:00
tmcpeakok, 0.14.0 it is15:00
Davieynew plugins?  Have i missed some reviews?15:00
tmcpeakDaviey: https://review.openstack.org/#/c/210806/15:01
*** AJaeger has joined #openstack-security15:01
DavieySo i have15:01
AJaegerThe RST Security Guide is published at http://docs.openstack.org/security-guide/15:01
tmcpeakok so how's this sigmavirus24: we'll 0.13.1 with the fixes we have15:03
tmcpeakand then new plugin and doc can go in 0.1415:03
Davieysigmavirus24: Why would we promote module globals when declaration in function is suitable?15:04
Davieytmcpeak: ^15:04
elmikoAJaeger, awesome!15:04
* Daviey ^5's AJaeger.15:04
elmikovery cool15:04
sigmavirus24tmcpeak: sure15:04
* AJaeger ^5s back15:04
tmcpeakDaviey: which part are you talking about?15:05
Davieytmcpeak: LN22, https://review.openstack.org/#/c/210806/2/bandit/plugins/weak_cryptographic_key.py15:05
AJaegerDaviey, elmiko: There're still a few cleanup patches to get in but RST is live ;)15:05
elmikoAJaeger, ack, still though, looks nice =)15:05
elmikosicarie, ^^15:05
tmcpeakyeah I don't understand that either TBH15:06
DavieyThat contents over the side is super pretty :D15:06
*** serverascode has quit IRC15:06
sigmavirus24Daviey: if we're using them as globals there's no reason to not make them module globals15:06
tmcpeakAJaeger: really awesome!15:06
sicarieAJaeger: awesome, thanks for all the help on this!15:06
sicarieAnd by help, I mean thanks for doing most of it!15:06
sigmavirus24Daviey: they're named like globals, they're used like globals, by the logic of ducktyping, they're globals15:06
sicarieAJaeger: and you announced it too, thanks! (Just beat me to it!)15:07
AJaegersicarie: sorry for beating you to it - you can announce on openstack-dev ;)15:08
Davieysigmavirus24: Hmm, uppercase to me means Constant.. not Global15:08
sicarieNo worries at all - I’m just happy it’s done15:08
AJaegersicarie: You all did most of the hard work with converting the files, it was impressive seeing the reviews coming in!15:08
Davieysigmavirus24: Am i wrong?15:09
sigmavirus24Daviey: globals tend to be constants15:09
*** serverascode has joined #openstack-security15:09
*** dave-mccowan has quit IRC15:09
Davieysigmavirus24: Hmm.. They can be.. but in general?15:09
sigmavirus24Daviey: if you're using globals as non constants, its your own funeral15:10
*** shohel has quit IRC15:10
Davieyright.. but shouldn't we be pushing stuff down into the lowest classifier.. In this case, it is function declaration?15:10
Davieysigmavirus24: If another function needed it, then sure.. module scope.15:11
AJaegerbtw. could I get some +2s on security-spec for cleanups: https://review.openstack.org/202904 and https://review.openstack.org/202906, please?15:11
sigmavirus24Daviey: each time that check runs you're redefining those "constants"15:11
elmikoAJaeger, ack15:12
Davieysigmavirus24: Ah true.. but wouldn't that get bytecode optimized?15:12
sigmavirus24Not really15:12
*** nkinder has joined #openstack-security15:12
sigmavirus24Most people don't run `python -O -m bandit` (which doesn't work anyway)15:12
AJaegersicarie: I really think you should announce on openstack-dev for the broader audience!15:12
openstackgerritMerged openstack/security-doc: Networking services in OpenStack Security Guide  - Rewrite for clarity  https://review.openstack.org/21169915:13
sicarieAJaeger: I think I did?15:13
sigmavirus24Even so, I don't think the peephole optimizer would say "this is never reassigned so just replace its use with the string"15:13
sicarieJust kicked the email off, so it’s probably en route15:13
AJaegersicarie: cool - /me checks email ;)15:13
sigmavirus24Daviey: this isn't about optimization or speed either15:13
sigmavirus24This is about communicating intent15:13
sigmavirus24Which module-level globals do15:14
Davieysigmavirus24: hmm, ok.  I've always just followed the logic of pushing constant definition into the smallest scope possible.15:14
Davieybut fair enough15:14
*** elo has quit IRC15:15
openstackgerritAndreas Jaeger proposed openstack/security-doc: Publish Japanese Security Guide  https://review.openstack.org/21206915:17
tmcpeaksigmavirus24, Daviey: ahh ok - I learn something new e'ryday15:17
openstackgerritMerged openstack/security-specs: Sync with global requirements  https://review.openstack.org/20290615:18
AJaegerthanks for the reviews on security-specs!15:18
elmikoAJaeger, np, thanks to you as well =)15:19
sicarie+115:19
openstackgerritMerged openstack/security-specs: Housekeeping  https://review.openstack.org/20290415:22
* AJaeger waves good-bye, time to cycle home...15:23
DavieyAJaeger: o/15:24
elmikoAJaeger, enjoy15:24
*** AJaeger has quit IRC15:24
*** tlaxkit has joined #openstack-security15:29
*** tlaxkit has left #openstack-security15:30
*** salv-orl_ has joined #openstack-security15:37
*** yaya has joined #openstack-security15:37
*** salv-orlando has quit IRC15:40
*** nkinder has quit IRC15:47
openstackgerritMerged openstack/security-doc: Publish Japanese Security Guide  https://review.openstack.org/21206915:47
*** yaya has quit IRC15:49
tmcpeakbrowne, sigmavirus24, tkelsey, Daviey: I'm going to do 0.13.1 to fix this missing config issue15:56
tmcpeakeverybody happy with that?15:56
sigmavirus24:+1:15:56
tmcpeakgreat15:57
tkelsey+115:57
browne+116:03
tmcpeakhttps://pypi.python.org/pypi/bandit16:03
tmcpeakBandt 0.13.1 ^16:03
*** singleth_ has quit IRC16:04
tmcpeaksmcginnis: ^16:04
smcginnistmcpeak: Thanks!16:05
tmcpeakthanks for letting us know about the issue16:05
brownehttps://review.openstack.org/#/c/210787/16:07
brownewe'll have to wait for openstack proposal bot to update the upper-constraints16:08
*** singlethink has joined #openstack-security16:08
*** alex_klimov has quit IRC16:11
*** sdake_ is now known as sdake16:13
*** sigmavirus24 is now known as sigmavirus24_awa16:18
*** Canaimero-e64b1 has joined #openstack-security16:19
*** Canaimero-e64b1 has quit IRC16:21
*** sigmavirus24_awa is now known as sigmavirus2416:25
*** yaya has joined #openstack-security16:27
Davieytmcpeak: great!16:30
*** singlethink has quit IRC16:31
tmcpeakthanks for taking over the work on that Daviey16:31
*** singlethink has joined #openstack-security16:34
*** jian5397 has joined #openstack-security16:34
*** dave-mccowan has joined #openstack-security16:37
*** salv-orl_ has quit IRC16:40
*** salv-orlando has joined #openstack-security16:41
*** geraldo has joined #openstack-security16:49
*** geraldo has quit IRC16:52
*** salv-orlando has quit IRC16:54
*** salv-orlando has joined #openstack-security16:54
*** singleth_ has joined #openstack-security17:00
*** singlethink has quit IRC17:04
*** singleth_ has quit IRC17:05
*** dave-mcc_ has joined #openstack-security17:28
*** singlethink has joined #openstack-security17:29
*** Aristocle has joined #openstack-security17:30
*** dave-mccowan has quit IRC17:31
*** nkinder has joined #openstack-security17:32
*** singleth_ has joined #openstack-security17:34
*** tkelsey has quit IRC17:36
*** singlethink has quit IRC17:36
*** dave-mccowan has joined #openstack-security17:38
tmcpeakbrowne: good thought to ad the stakeholders17:39
tmcpeakI did manual check all the Keystone properties17:39
browneyeah, if i missed some, feel free to add17:40
*** dave-mcc_ has quit IRC17:40
*** yaya has quit IRC17:43
*** Aristocle has quit IRC17:47
*** nkinder has quit IRC17:54
*** yaya has joined #openstack-security17:56
*** salv-orl_ has joined #openstack-security17:59
*** salv-orlando has quit IRC18:01
*** singlethink has joined #openstack-security18:01
openstackgerritAndreas Jaeger proposed openstack/security-doc: Cleanup tox.ini  https://review.openstack.org/21212718:02
*** singleth_ has quit IRC18:05
openstackgerritAndreas Jaeger proposed openstack/security-doc: Remove tools/generatepot  https://review.openstack.org/21212918:08
*** bapalm_ has joined #openstack-security18:15
elmikotmcpeak, i saw your last comment on https://bugs.launchpad.net/ossn/+bug/145755118:15
openstackLaunchpad bug 1457551 in OpenStack Security Notes "Another Horizon login page vulnerability to a DoS attack" [Undecided,New]18:15
elmikowere you gonna take that one, or can i grab it?18:15
*** Plato has joined #openstack-security18:17
*** singleth_ has joined #openstack-security18:30
*** singlethink has quit IRC18:33
*** salv-orl_ has quit IRC18:46
*** salv-orlando has joined #openstack-security18:49
*** jian5397 has quit IRC19:04
*** jian5397 has joined #openstack-security19:04
*** yaya has quit IRC19:06
*** elo has joined #openstack-security19:08
*** bpokorny has joined #openstack-security19:16
*** jmckind_ has joined #openstack-security19:20
*** sicarie has quit IRC19:30
*** jian5397 has quit IRC19:55
*** lexholden has quit IRC19:57
*** jian5397 has joined #openstack-security20:13
*** singlethink has joined #openstack-security20:29
*** singlet__ has joined #openstack-security20:31
*** singleth_ has quit IRC20:33
*** singlethink has quit IRC20:34
*** jmckind_ has quit IRC20:35
*** jmckind has joined #openstack-security20:55
*** jmckind_ has joined #openstack-security21:11
*** alex_klimov has joined #openstack-security21:11
*** jmckind has quit IRC21:12
*** zul has quit IRC21:21
*** singlethink has joined #openstack-security21:31
*** singlet__ has quit IRC21:34
*** zul has joined #openstack-security21:34
*** singleth_ has joined #openstack-security21:42
*** jmckind_ has quit IRC21:44
*** singlethink has quit IRC21:46
*** singlethink has joined #openstack-security21:47
*** singleth_ has quit IRC21:50
*** bpokorny_ has joined #openstack-security21:58
*** bpokorny has quit IRC22:01
*** edmondsw has quit IRC22:06
*** jian5397 has quit IRC22:18
*** bpokorny has joined #openstack-security22:29
*** bpokorny_ has quit IRC22:33
*** jmckind has joined #openstack-security22:45
*** singlethink has quit IRC22:47
*** voodookid has quit IRC23:06
*** alex_klimov has quit IRC23:11
*** markvoelker has quit IRC23:14
*** zul has quit IRC23:17
*** tkelsey has joined #openstack-security23:35
*** salv-orl_ has joined #openstack-security23:35
*** salv-orlando has quit IRC23:37
*** tkelsey has quit IRC23:39
*** elo has quit IRC23:55
*** elo has joined #openstack-security23:56
« Tuesday, 2015-08-11 Index Thursday, 2015-08-13 »

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!