#openstack-meeting: OpenStack Security Group

Meeting started by bdpayne at 18:00:01 UTC (full logs).

Meeting summary

    1. Welcome security group! (bdpayne, 18:00:28)

  2. LXC Security Note (bdpayne, 18:01:30)
    1. https://bugs.launchpad.net/osn/+bug/1098582 (bdpayne, 18:01:48)
    2. This security note is about ready to go, looking for final comments and then we'll release it. (bdpayne, 18:02:36)
    3. If anyone has further feedback on the note, please get it in by the end of the day today (bdpayne, 18:06:07)

  3. Storage Encryption (bdpayne, 18:07:01)
    1. There are two open proposals for different kinds of storage encryption right now (bdpayne, 18:08:03)
    2. object encryption (swift) by Intel (bdpayne, 18:08:23)
    3. https://blueprints.launchpad.net/swift/+spec/encrypted-objects (bdpayne, 18:08:26)
    4. volume encryption (cinder) by APL (bdpayne, 18:08:36)
    5. https://blueprints.launchpad.net/nova/+spec/encrypt-cinder-volumes (bdpayne, 18:08:46)
    6. ACTION: Let's all try to review these and think about how they will fit together over the next week (bdpayne, 18:11:48)
    7. ACTION: Let's refine the security models for the storage encryption schemes (bdpayne, 18:15:45)

  4. Open Discussion (bdpayne, 18:16:54)
    1. so I wanted to open up the discussion a bit to see what other security related things are on people's minds and where the group can help (bdpayne, 18:17:27)
    2. python code in rootwrap (bdpayne, 18:18:41)
    3. https://blueprints.launchpad.net/oslo/+spec/nova-rootwrap-python-exec (bdpayne, 18:18:44)

  5. Next Steps (bdpayne, 18:24:57)
    1. So, I wanted to call out a few specific places where I think people can help today (bdpayne, 18:25:19)
    2. https://github.com/hyakuhei/OSSG_Hardening_Guide (bdpayne, 18:25:55)

  6. Final Words (bdpayne, 18:29:31)
    1. www.nsa.gov/ia/_files/os/redhat/rhel5-guide-i731.pdf (RHEL) (noslzzp, 18:30:36)


Meeting ended at 18:31:12 UTC (full logs).

Action items

  1. Let's all try to review these and think about how they will fit together over the next week
  2. Let's refine the security models for the storage encryption schemes


People present (lines said)

  1. bdpayne (80)
  2. Chris___ (14)
  3. mtesauro (8)
  4. rellerreller (6)
  5. noslzzp (6)
  6. openstack (3)
  7. uvirtbot (2)
  8. lauraglendenning (1)


Generated by MeetBot 0.1.4.