#openstack-meeting log

15:04:58 <gagehugo> #startmeeting security
15:04:59 <openstack> Meeting started Thu Oct 25 15:04:58 2018 UTC and is due to finish in 60 minutes.  The chair is gagehugo. Information about MeetBot at http://wiki.debian.org/MeetBot.
15:05:00 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
15:05:03 <openstack> The meeting name has been set to 'security'
15:05:29 * gagehugo totally didn't lose track of time
15:05:47 <gagehugo> #link https://etherpad.openstack.org/p/security-agenda
15:05:52 <Luzi> o/
15:06:10 <gagehugo> ping eeiden fungi gagehugo lhinds nickthetait browne redrobot
15:06:14 <gagehugo> Luzi: o/
15:06:52 * fungi is triple-booked between board of directors call, tc office hour and this meeting, just to set expectations ;)
15:09:28 <gagehugo> probably will be a pretty quick meeting, there was one issue in glance
15:09:34 <gagehugo> #link https://bugs.launchpad.net/glance/+bug/1799588
15:09:34 <openstack> Launchpad bug 1799588 in OpenStack Security Advisory "non-admin users can see all tenants' images even when image is private" [Undecided,Incomplete]
15:10:10 <gagehugo> could be a policy/configuration issue, but not sure
15:10:20 <gagehugo> Luzi: Do you have anything?
15:10:28 <gagehugo> these meetings are usually pretty informal
15:10:33 <Luzi> yes
15:10:36 <gagehugo> cool
15:10:51 <Luzi> you might have already read it on the ml or in some projects irc meetings
15:11:07 <Luzi> we want to propose Image encryption to openstack
15:11:22 <Luzi> this is a cross project proposal and should adress the confidentiality of images
15:12:02 <gagehugo> This thread: http://lists.openstack.org/pipermail/openstack-dev/2018-October/135387.html
15:12:05 <gagehugo> ?*
15:12:19 <Luzi> yes
15:12:40 <Luzi> we have already written specs for nova, cinder and glance
15:13:03 <gagehugo> do you have links for those on you?
15:13:10 <gagehugo> #link http://lists.openstack.org/pipermail/openstack-dev/2018-October/135387.html
15:13:17 <Luzi> Glance: https://review.openstack.org/#/c/609667/
15:13:26 <Luzi> Nova: https://review.openstack.org/#/c/608696/
15:13:33 <Luzi> Cinder: https://review.openstack.org/#/c/608663/
15:14:43 <gagehugo> awesome
15:14:50 <Luzi> it would be nice to have also input from the security side :)
15:14:58 <gagehugo> I'll put them on the agenda so I remember to read them later
15:15:01 <gagehugo> :)
15:15:42 <Luzi> thank you, it would be nice to discuss this further maybe next week or in the scurity channel :)
15:16:12 <gagehugo> Luzi: Sure, yeah I'll try to read them over before next meeting
15:16:29 <Luzi> gagehugo, thanks :)
15:17:01 <gagehugo> fungi: Not to bug you, did you have anything for this week?
15:17:10 <fungi> nothing really, no
15:17:12 <fungi> thanks though!
15:17:21 <gagehugo> ok
15:17:27 <fungi> just barely keeping up with all the conversations going on at once, sorry
15:17:36 <gagehugo> fungi: heh
15:17:46 <gagehugo> I put the links on the security agenda for Luzi's specs
15:17:56 <gagehugo> otherwise I think we can end early
15:18:13 <fungi> appreciated!
15:19:39 <gagehugo> Luzi fungi thanks for coming!
15:19:45 <gagehugo> #endmeeting