Thursday, 2016-09-08

[00:01] <ccneill> yeah, you really can't test production instances with this without a cleanup mechanism of some kind lol
[00:02] <unrahul> yeah ..:D
[00:03] <unrahul> I had to login and clean up a few times today..
[07:28] <openstackgerrit> chen.xing proposed openstack/security-doc: Set the picture width https://review.openstack.org/367143
[09:42] <openstackgerrit> OpenStack Proposal Bot proposed openstack/security-doc: Updated from openstack-manuals https://review.openstack.org/367250
[10:51] <sirbt> where can i find a meteor channel
[12:05] <openstackgerrit> OpenStack Proposal Bot proposed openstack/security-doc: Updated from openstack-manuals https://review.openstack.org/367250
[16:02] <openstackgerrit> Rahul U Nair proposed openstack/syntribos: Upgrading memoize to memoize functions with same kwargs as well https://review.openstack.org/367481
[16:16] <ccneill> unrahul, vinaypotluri, knangia, mdong : looks like our vidyo room has been co-opted
[16:16] <mdong> osic-5?
[16:16] <ccneill> I'm in OSIC-5 right now
[16:16] <ccneill> does everyone have the link?
[16:16] <ccneill> mdong and I have a hard stop at 11:30 today
[16:17] <knangia> ccneill: which room do we have meeting
[16:17] <knangia> Our room is used by other team
[16:18] <mdong> Osic-5-recordable
[16:18] <knangia> What's the room extension
[16:19] <mdong> 4000351
[16:48] <openstackgerrit> Rahul U Nair proposed openstack/syntribos: Fixing some documentation nits https://review.openstack.org/367509
[16:54] <openstackgerrit> Rahul U Nair proposed openstack/syntribos: Fixing some documentation nits https://review.openstack.org/367509
[17:01] <openstackgerrit> Eric Brown proposed openstack/anchor: Anchor can now be installed and invoked as simply "anchor" https://review.openstack.org/221290
[17:16] <openstackgerrit> OpenStack Proposal Bot proposed openstack/anchor: Updated from global requirements https://review.openstack.org/314347
[18:06] <openstackgerrit> Merged openstack/syntribos: Fixing some documentation nits https://review.openstack.org/367509
[18:14] <openstackgerrit> Khanak Nangia proposed openstack/security-doc: Updated OSSN-0073 Added information about horizon dashboard leaks https://review.openstack.org/357328
[18:51] <unrahul> hey ccneill I am working the networks subnets and ports part
[18:51] <ccneill> seeing anything cool?
[18:52] <unrahul> :| .. nop.. getting my act together.. so.. lets c..
[18:52] <unrahul> what about u..? anything cool?
[18:53] <ccneill> trying to get devstack to work :|
[18:53] <ccneill> gonna send an email soon about my lessons learned
[18:55] <unrahul> okay ccneill
[20:00] <openstackgerrit> Merged openstack/security-doc: [sec-guide] Consistent the 'Nginx' term https://review.openstack.org/366457
[20:19] <openstackgerrit> Merged openstack/security-doc: Updated OSSN-0073 Added information about horizon dashboard leaks https://review.openstack.org/357328
[20:51] <unrahul> hey ccneill
[20:51] <ccneill> sup unrahul
[20:52] <unrahul> I got a few input validation issues with the openstack client.. not neutron.. basically it doesn't validate terminal control characters..
[20:52] <unrahul> nothing major..
[20:52] <unrahul> how about u..?
[20:53] <ccneill> unrahul: nice! I think the terminal chars thing is probably worth calling out
[20:53] <ccneill> still trying to get devstack to work
[20:53] <ccneill> v_v
[20:53] <ccneill> lots of Rackspace meetings today.. got a Security Engineering meeting with our VP in 5
[20:53] <unrahul> oh really.. yeah.. i didn't play much with it.. but basically I can paint the entire screen whatever color I want etc by creating a network..
[20:53] <ccneill> had to disable the proxy stuff.. was getting to be too much of a pain during the install process
[20:53] <unrahul> ohh.
[20:54] <ccneill> haha nice!
[20:54] <unrahul> hehe.. yeah.. :D
[20:54] <ccneill> I'm sure there are probably other interesting things you could do there..
[20:55] <unrahul> yeah.. that's where I was looking into.. but it is openstack client not neutron.. so.. does that matter?
[20:56] <ccneill> well, you'll report it to the openstack client launchpad, but you can mention neutron as one affected project
[20:57] <ccneill> I don't think neutron will do any additional filtering, but the openstack client can
[20:57] <ccneill> similar to if we found a second-order XSS with horizon - we'd probably want to handle that in horizon instead of neutron
[20:57] <ccneill> or at least that's my experience - project teams rarely want to change their API outputs, and suggest that the frontends handle it
[20:59] <unrahul> I tried a few.. like <script></script> but seems the framework is filtering those out..
[20:59] <unrahul> makes sense
[20:59] <unrahul> ccneill:
[20:59] <ccneill> unrahul: I figured as much - I think people have found a number of issues over the years, so it might take some digging to find more
[21:04] <unrahul> yeah... can't wait to find a major vuln :D
[22:36] <ccneill> YES
[22:36] <ccneill> looks like devstack installed successfully..
[22:38] <ccneill> Horizon seems to be pretty sluggish..
[22:38] <ccneill> on my vm anyway
[22:50] <unrahul> yay!
[22:51] <unrahul> yeah horizon.. is a tad sluggish.
[22:51] <unrahul> I have given 8 GB as my vm memory
[22:51] <unrahul> so it's kinda okay
[22:51] <ccneill> sigh.. of course, tried to reload the vm
[22:51] <ccneill> and it threw up all over me :(
[22:51] <ccneill> re-provisioning now.. should only take another decade :P
[22:52] <ccneill> but I think I got all the kinks worked out, other than vagrant being weird
[22:52] <ccneill> gonna try to run syntribos against neutron tonight, hopefully +admin
[22:54] <ccneill> here goes nothing..
[23:02] <ccneill> gotta say, it is pretty darn cool watching a bash script handle all the complexity of openstack and it Just Works™
[23:06] <ccneill> lol, pretty dire warning on the readme though: "DevStack runs rampant over the system it runs on, installing things and uninstalling other things. Running this on a system you care about is a recipe for disappointment, or worse."
[23:15] <ccneill> mm then there's this nugget: https://github.com/openstack-dev/devstack/blob/master/stack.sh#L124
[23:16] <ccneill> create a ~/.no-devstack file on your host system so you don't accidentally defile it with devstack lol
[23:35] <vinaypotluri> ccneill: take a snapshot of the virtual machine state...
[23:36] <vinaypotluri> if you reboot the VM directly, then the services might not boot properly
[23:36] <ccneill> good point, will do!
[23:52] <unrahul> :D
[23:52] <unrahul> hehe yeah liked the statement on devstack read me
[23:52] <unrahul> yeah suspending is a good option.. often I have had to re run stack.sh
