* Security Working Group meeting Wednesday December 11
@ 2019-12-10 1:29 Joseph Reynolds
2019-12-11 20:58 ` Joseph Reynolds
0 siblings, 1 reply; 2+ messages in thread
From: Joseph Reynolds @ 2019-12-10 1:29 UTC (permalink / raw)
To: openbmc
This is a reminder of the OpenBMC Security Working Group meeting
scheduled for this Wednesday December 11 at 10:00am PDT.
We'll discuss current development items, and anything else that comes
up. The current topics:
1.
BMCWeb patch to allow BMC admin to disable authentication
methods<https://github.com/openbmc/bmcweb/commit/78158631aeab5b77ea9a5f566508285cb839fadf>
2.
Gerrit code review to “Provide feedback from Linux PAM about why the
new password is not accepted”
<https://gerrit.openbmc-project.xyz/c/openbmc/bmcweb/+/27503>
3.
Gerrit code review to “lockout a user account for 5 minutes after 5
login failures”
4.
Gerrit code review to implement the Refish ConfigureSelf privilege
correctly, which lets non-admin users change their own password and
log out of their own sessions.
5.
Email about TFTP vulnerabilities and SCP or SFTP
replacement<https://lists.ozlabs.org/pipermail/openbmc/2019-December/019725.html>
6.
Trivial PAM bmcweb config file change
Access, agenda, and notes are in the wiki:
https://github.com/openbmc/openbmc/wiki/Security-working-group
- Joseph
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: Security Working Group meeting Wednesday December 11
2019-12-10 1:29 Security Working Group meeting Wednesday December 11 Joseph Reynolds
@ 2019-12-11 20:58 ` Joseph Reynolds
0 siblings, 0 replies; 2+ messages in thread
From: Joseph Reynolds @ 2019-12-11 20:58 UTC (permalink / raw)
To: openbmc
On 12/9/19 7:29 PM, Joseph Reynolds wrote:
> This is a reminder of the OpenBMC Security Working Group meeting
> scheduled for this Wednesday December 11 at 10:00am PDT.
The scheduled meeting in two weeks (2019-12-25) is cancelled due to US
holidays.
The next meeting is on for 2020-01-08.
See my notes from the meeting in the google doc.
The main discussion was about secure firmware provisioning and update
scenarios.
- Joseph
>
> Access, agenda, and notes are in the wiki:
>
> https://github.com/openbmc/openbmc/wiki/Security-working-group
>
> - Joseph
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2019-12-11 20:58 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-12-10 1:29 Security Working Group meeting Wednesday December 11 Joseph Reynolds
2019-12-11 20:58 ` Joseph Reynolds
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.