Open Stack

Hello,

I have experience writing selinux policy. My plan was to write the selinux policy for Kolla in the next cycle.  I'd be interested in joining if that fits the criteria here.

Thanks,
-Ryan

----- Original Message -----
From: "Steven Dake (stdake)" <stdake at cisco.com>
To: "OpenStack Development Mailing List (not for usage questions)" <openstack-dev at lists.openstack.org>
Sent: Tuesday, March 1, 2016 11:55:55 AM
Subject: [openstack-dev] [kolla][security] Obtaining the	vulnerability:managed tag

Core reviewers, 

Please review this document: 
https://github.com/openstack/governance/blob/master/reference/tags/vulnerability_managed.rst 

It describes how vulnerability management is handled at a high level for Kolla. When we are ready, I want the kolla delivery repos vulnerabilities to be managed by the VMT team. By doing this, we standardize with other OpenStack processes for handling security vulnerabilities. 

The first step is to form a kolla-coresec team, and create a separate kolla-coresec tracker. I have already created the tracker for kolla-coresec and the kolla-coresec team in launchpad: 

https://launchpad.net/~kolla-coresec 

https://launchpad.net/kolla-coresec 

I have a history of security expertise, and the PTL needs to be on the team as an escalation point as described in the VMT tagging document above. I also need 2-3 more volunteers to join the team. You can read the requirements of the job duties in the vulnerability:managed tag. 

If your interested in joining the VMT team, please respond on this thread. If there are more then 4 individuals interested in joining this team, I will form the team from the most active members based upon liberty + mitaka commits, reviews, and PDE spent. 

Regards 
-steve 


__________________________________________________________________________
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev