Wednesday, 2016-03-30

« Tuesday, 2016-03-29 Index Thursday, 2016-03-31 »
*** avarner_ has quit IRC00:02
*** zul has quit IRC00:19
*** browne has quit IRC01:01
*** zul_ has joined #openstack-security01:08
*** zul_ is now known as zul01:08
*** tmcpeak has quit IRC01:16
*** raginbajin has quit IRC01:30
*** krotscheck_dcm has quit IRC01:31
*** raginbajin has joined #openstack-security01:31
*** krotscheck has joined #openstack-security01:33
*** dave-mccowan has joined #openstack-security01:54
*** salv-orl_ has joined #openstack-security01:55
*** jass93 has quit IRC01:56
*** salv-orl_ has quit IRC01:58
*** salv-orl_ has joined #openstack-security01:58
*** salv-orlando has quit IRC01:59
*** jass93 has joined #openstack-security02:00
*** salv-orl_ has quit IRC02:05
*** jass93_ has joined #openstack-security02:08
*** jass93 has quit IRC02:09
*** bpokorny has quit IRC02:21
*** austin987 has joined #openstack-security02:41
*** bpokorny has joined #openstack-security03:14
*** yuanying has quit IRC03:22
*** bpokorny has quit IRC03:25
*** jass93 has joined #openstack-security04:02
*** jass93_ has quit IRC04:02
*** dave-mccowan has quit IRC04:16
*** yuanying has joined #openstack-security04:24
*** markvoelker has joined #openstack-security04:36
*** int3rceptor has joined #openstack-security04:37
*** int3rceptor has left #openstack-security04:38
*** liverpooler has joined #openstack-security05:57
*** markvoelker has quit IRC06:10
*** rcernin has joined #openstack-security06:26
*** markvoelker has joined #openstack-security06:26
*** salv-orlando has joined #openstack-security06:37
*** markvoelker has quit IRC06:39
*** tesseract has joined #openstack-security06:45
*** tesseract is now known as Guest2315706:46
openstackgerritOpenStack Proposal Bot proposed openstack/security-doc: Updated from openstack-manuals  https://review.openstack.org/29916607:03
openstackgerritMerged openstack/security-doc: Updated from openstack-manuals  https://review.openstack.org/29916607:13
openstackgerritBathri Ajay Raj proposed openstack/security-doc: [security-guide] For consistency, expanded kerberos  https://review.openstack.org/29917207:20
*** jmckind_ has quit IRC07:26
*** elo has quit IRC07:38
*** elo has joined #openstack-security07:38
*** markvoelker has joined #openstack-security07:40
*** hyakuhei has joined #openstack-security07:44
*** markvoelker has quit IRC07:45
*** hyakuhei has quit IRC07:45
*** hyakuhei has joined #openstack-security07:46
*** hyakuhei has quit IRC07:47
*** salv-orlando has quit IRC07:58
*** hyakuhei has joined #openstack-security08:00
*** hyakuhei has quit IRC08:00
*** salv-orlando has joined #openstack-security08:08
*** chthon has joined #openstack-security08:17
*** tkelsey has joined #openstack-security08:22
*** tkelsey has quit IRC08:26
*** tkelsey has joined #openstack-security08:35
*** markvoelker has joined #openstack-security08:42
*** markvoelker has quit IRC08:47
openstackgerritTim Kelsey proposed openstack/bandit: Ensure error exit codes fail integrations  https://review.openstack.org/28156008:53
*** chthon has quit IRC09:05
*** chthon has joined #openstack-security09:20
*** markvoelker has joined #openstack-security09:44
*** markvoelker has quit IRC09:49
*** chthon has quit IRC10:27
*** chthon has joined #openstack-security10:40
*** ibravo has joined #openstack-security11:29
*** ibravo has quit IRC11:34
*** ibravo has joined #openstack-security11:37
*** dave-mccowan has joined #openstack-security11:40
*** markvoelker has joined #openstack-security11:46
*** openstackgerrit has quit IRC11:47
*** openstackgerrit has joined #openstack-security11:47
*** markvoelker has quit IRC11:51
*** ibravo has quit IRC11:55
*** Guest15833 is now known as Vivek12:26
*** Vivek has quit IRC12:26
*** Vivek has joined #openstack-security12:26
*** salv-orl_ has joined #openstack-security12:28
*** salv-orlando has quit IRC12:31
*** openstackgerrit has quit IRC12:33
*** openstackgerrit has joined #openstack-security12:33
openstackgerritAlexey Ovchinnikov proposed openstack/security-doc: Shared File Systems service security guide fixes  https://review.openstack.org/29822712:36
*** markvoelker has joined #openstack-security12:47
*** markvoelker has quit IRC12:51
*** edmondsw has joined #openstack-security12:52
*** ninag has joined #openstack-security12:53
*** edmondsw has quit IRC12:58
openstackgerritAlexey Ovchinnikov proposed openstack/security-doc: Shared File Systems service security guide fixes  https://review.openstack.org/29822713:06
*** hyakuhei has joined #openstack-security13:08
*** hyakuhei has quit IRC13:11
*** hyakuhei has joined #openstack-security13:13
*** hyakuhei has quit IRC13:14
*** openstackgerrit has quit IRC13:18
*** openstackgerrit has joined #openstack-security13:18
*** ibravo has joined #openstack-security13:22
*** hyakuhei has joined #openstack-security13:23
*** evand has quit IRC13:23
*** hyakuhei has quit IRC13:25
*** evand has joined #openstack-security13:25
*** hyakuhei has joined #openstack-security13:26
openstackgerritAlexey Ovchinnikov proposed openstack/security-doc: Shared File Systems service security guide fixes  https://review.openstack.org/29822713:28
*** cleong has joined #openstack-security13:34
*** liverpooler has quit IRC13:34
*** edmondsw has joined #openstack-security13:34
*** salv-orl_ has quit IRC13:34
*** ninag has quit IRC13:39
*** ninag has joined #openstack-security13:41
*** ninag has quit IRC13:42
*** cjschaef has joined #openstack-security13:47
*** markvoelker has joined #openstack-security13:48
*** jmckind has joined #openstack-security13:51
*** markvoelker has quit IRC13:52
*** ametts has joined #openstack-security13:57
*** jmckind has quit IRC13:59
*** jmckind has joined #openstack-security14:04
*** sigmavirus24_awa is now known as sigmavirus2414:12
*** mvaldes has joined #openstack-security14:14
*** avarner has joined #openstack-security14:14
*** markvoelker has joined #openstack-security14:16
*** hyakuhei has quit IRC14:36
*** hyakuhei has joined #openstack-security14:38
*** markvoelker has quit IRC14:46
*** mvaldes has quit IRC14:47
*** ametts has quit IRC14:57
*** ninag has joined #openstack-security14:58
*** tkelsey has quit IRC15:03
*** tmcpeak has joined #openstack-security15:05
*** diazjf has joined #openstack-security15:14
*** diazjf has quit IRC15:17
*** Guest23157 has quit IRC15:21
*** markvoelker has joined #openstack-security15:29
*** diazjf has joined #openstack-security15:32
*** diazjf has quit IRC15:33
*** diazjf has joined #openstack-security15:35
*** austin987 has quit IRC15:39
*** tkelsey has joined #openstack-security15:49
*** ametts has joined #openstack-security15:51
*** cjschaef has quit IRC15:53
*** austin987 has joined #openstack-security15:53
*** tkelsey has quit IRC15:56
*** salv-orlando has joined #openstack-security16:02
*** cjschaef has joined #openstack-security16:04
*** salv-orlando has quit IRC16:11
*** openstack has joined #openstack-security17:04
*** mvaldes has joined #openstack-security17:06
*** hyakuhei has quit IRC17:14
openstackgerritchen.xing proposed openstack/security-doc: [sec-guide]Update security guide for next release  https://review.openstack.org/29954417:20
*** salv-orlando has joined #openstack-security17:33
*** salv-orlando has quit IRC17:40
*** jmckind has quit IRC17:43
*** mvaldes has quit IRC17:45
*** browne has joined #openstack-security17:46
*** zul has quit IRC17:50
*** tmcpeak has quit IRC17:52
*** tmcpeak has joined #openstack-security17:53
brownelooks like we introduced more plugin testing in bandit which is breaking more integration tests again. we need to hold off on any new changes so we can get 1.0 out17:54
tmcpeakbrowne: cool, fair enough17:55
browneor rebase on https://review.openstack.org/#/c/281560/17:55
browneor we can revert so we can push out 1.017:56
tmcpeakwhich plugin test are you talking about?17:56
browneas it stands now, keystone, oslo.config, and sahara are breaking17:56
brownelooks like there are new failures for continue statement in an exception block17:57
tmcpeakwhat introduced a Keystone break?17:57
brownehttps://review.openstack.org/#/c/296065/17:58
tmcpeakoooh17:59
brownemight be better to revert because it'll be very hard to get patches merged in those other projects right now (so close to release of mitaka)17:59
tmcpeakso Keystone's gates aren't broken because they're using a config that only includes certain plugins, right?17:59
brownekeystone's gate isn't broken because they don't have this version of bandit yet that's checking extra things18:00
tmcpeakand the profile wouldn't run it anyway...18:00
browneoh, we already have stable/mitaka so maybe not as hard to get patches in those projects18:00
tmcpeakseems like a useful plugin though.  Any better option than reverting?18:00
*** diazjf has quit IRC18:01
*** jass93 has quit IRC18:01
browneyeah, its useful.  only other alternative is to nosec in those projects18:02
*** ninag has quit IRC18:03
*** hyakuhei has joined #openstack-security18:11
*** zul has joined #openstack-security18:11
*** diazjf has joined #openstack-security18:12
tmcpeakthat should be a low severity finding which should be filtered out either by profiles or by bandit run mode though, right?18:13
openstackgerritMerged openstack/security-doc: [sec-guide]Update security guide for next release  https://review.openstack.org/29954418:15
*** hyakuhei has quit IRC18:18
brownetmcpeak: but most projects are no longer using profiles18:21
browneand once 1.0 comes out, they'll just use the test IDs to filter18:22
*** diazjf has quit IRC18:22
*** diazjf has joined #openstack-security18:22
brownebut we don't want to immediately break those projects on a new release of bandit18:22
brownebetter to fix prior to release18:23
tmcpeakbrowne: yep, agreed18:23
tmcpeakwhy we have the integration tests :)18:23
browneha, yep18:23
*** mvaldes has joined #openstack-security18:27
*** sigmavirus24 is now known as sigmavirus24_awa18:34
*** sigmavirus24_awa is now known as sigmavirus2418:35
openstackgerritRahul U Nair proposed openstack/syntribos: Added payloads for keystone API  https://review.openstack.org/29903218:36
*** krotscheck is now known as krotscheck_dcm18:46
*** ninag has joined #openstack-security18:53
*** mdong has joined #openstack-security18:56
*** diazjf has quit IRC18:57
*** jmckind has joined #openstack-security19:02
*** salv-orlando has joined #openstack-security19:03
*** tmcpeak has quit IRC19:30
*** tkelsey has joined #openstack-security19:39
*** tkelsey has quit IRC19:47
*** tkelsey has joined #openstack-security19:53
*** tkelsey has quit IRC20:02
*** mvaldes has quit IRC20:09
*** jass93 has joined #openstack-security20:22
*** diazjf has joined #openstack-security20:23
*** cleong has quit IRC20:26
*** ninag has quit IRC20:26
*** tmcpeak has joined #openstack-security20:36
*** openstackgerrit has quit IRC20:48
*** openstackgerrit has joined #openstack-security20:48
*** mdong_ has joined #openstack-security20:57
*** mdong has quit IRC20:59
*** mdong_ is now known as mdong20:59
openstackgerritYasmine proposed openstack/syntribos: Uploading command injection files  https://review.openstack.org/29962621:01
*** bpokorny has quit IRC21:04
*** mvaldes has joined #openstack-security21:09
*** i44093453 has joined #openstack-security21:17
*** i44093453 has left #openstack-security21:18
*** mvaldes has quit IRC21:21
*** tkelsey has joined #openstack-security21:22
*** tkelsey has quit IRC21:27
*** cjschaef has quit IRC21:33
*** hyakuhei has joined #openstack-security21:40
*** bpokorny has joined #openstack-security21:43
*** hyakuhei has quit IRC21:46
avarnerDoes anyone know if the Bandit configuration refactor is done?21:52
avarnerI thought the refactor was to eliminate the need for configuration files, so I could specify tests on the command line21:53
avarnerBut, I'm getting an error message reading `bandit: error: unrecognized arguments: -s blacklist_calls21:53
avarner`21:53
tmcpeakavarner: you should specify them by ID and also blacklist calls isn't a test anymore, we've broken it into a bunch of tests21:54
tmcpeakavarner: actually I'm pretty sure you can specify by name too, but the second thing I mentioned is most likely what's hanging you up21:55
avarnerDo you know the minimum version needed to use the `-s` argument?21:55
avarnerI think I have 0.17.3, but it doesn't work21:55
tmcpeakhmm, good q21:55
tmcpeakgive me one sec I'll find out21:55
tmcpeakavarner: yeah 0.17.3 doesn't have it.  It's part of our 1.0 stuff which hasn't been released on PyPI yet21:56
tmcpeakwe're looking at a release very soon though21:57
tmcpeakstay tuned21:57
avarnerok, thanks21:57
tmcpeaksure21:58
*** tkelsey has joined #openstack-security22:02
*** diazjf has quit IRC22:04
*** jass93 has quit IRC22:05
*** tkelsey has quit IRC22:07
openstackgerritRahul U Nair proposed openstack/syntribos: Added payloads for keystone API  https://review.openstack.org/29903222:19
*** markvoelker has joined #openstack-security22:24
*** sigmavirus24 is now known as sigmavirus24_awa22:27
*** jmckind has quit IRC22:37
*** Unterd0g has joined #openstack-security22:40
*** mdong has quit IRC22:42
*** guest12342543467 has joined #openstack-security22:42
*** mdong has joined #openstack-security22:42
*** guest12342543467 has quit IRC22:48
*** edmondsw has quit IRC22:48
*** markvoelker has quit IRC22:57
*** ametts has quit IRC22:57
*** mdong has quit IRC23:14
*** nkinder has joined #openstack-security23:16
*** salv-orl_ has joined #openstack-security23:24
*** salv-orlando has quit IRC23:26
*** nkinder has quit IRC23:32
*** jass93 has joined #openstack-security23:40
*** austin987 has quit IRC23:50
openstackgerritRahul U Nair proposed openstack/syntribos: Added payloads for keystone API  https://review.openstack.org/29903223:57
« Tuesday, 2016-03-29 Index Thursday, 2016-03-31 »

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!