[Openstack-security] OSSG Meet up and Progress

Clark, Robert Graham robert.clark at hp.com
Thu Jul 31 16:37:05 UTC 2014


Hi All!

As most of you know, we had a meet up of the OSSG a few weeks back;
there were various topics covered which you can read more about in the
etherpad here: https://etherpad.openstack.org/p/ossg-juno-meetup

I just wanted to highlight a few of the great successes that we had and
hope to encourage you all to come to our next meet up!

* Much of the week was taken up focussing on gate tests as these allow
us to demonstrate immediate value to the wider community. At first we
started by writing PEP8 checks; much of the prelim work for this was
done by Travis (Thanks!) - later we switched focus to a new tool written
by Jamie (Chair6) which shows some real promise as a new element in the
CI Chain. Application of these checks resulted in us noting and
processing some 37 new vulnerabilities in OpenStack - mainly low hanging
fruit but a great result!
* Lots of attention was paid to developing the threat modelling
process. During the walkthrough we found several issues of concern in
Keystone (which is where most of the excellent work by Shohel has been
done so far) - we learned that we need a way to streamline the process
and that we may have to come to terms with not being able to put every
project through the process for every release - very valuable time spent
here.
* The Security Guide has gone through some mammoth changes thanks mainly
to Bryan and his team - over 60 new bugs logged against the guide and
many new additions - including OpenStack newbies being guided through
the gerrit workflow for the first time - excellent work!
* Several new OpenStack Security Notes were produced during the week and
the process went through some refinement in real time, feedback from new
authors was essential to this and we look forward to increasing the
number of issued notes and the number of OSSN authors!

I wanted to keep the roundup brief; I know how busy you all are. I
invite others in the OSSG to reply to this, with their feedback,
highs/lows etc. to share with the community.

Cheers
-Rob
