Functionality vs Security

Brad Bishop bradleyb at fuzziesquirrel.com
Fri Feb 14 03:36:59 AEDT 2020



> On Feb 13, 2020, at 3:15 AM, Mihm, James <james.mihm at intel.com> wrote:
> 
> Exposing the REST D-Bus APIs via a network interface is bad practice and should be disabled by default.

Yeah.  You are right of course.  It isn’t really the what that bothers me here; it is the how.  I’m disappointed that Intel was only able to make the Redfish-enabled webui work for Intel and not anyone else.

> Just because it was done that way in the beginning doesn’t mean that it should remain that way.

I don’t remember saying this?

> Applications should be configured to be secure by default.

This sounds perfectly reasonable of course, but I don’t know how to implement it for OpenBMC.  I’m not even sure what it means.  Security isn’t a boolean; it is a spectrum.  Show me any security posture, and I will show you one that is slightly more strict/secure.  Clearly, my security posture isn’t strict enough for Intel.  However, I know there are organizations out there that have even stricter security postures than Intel.  So in the general case - how does one decide which posture should be the default, and when is it ok to “break” existing usage patterns rather than “update” them for the sake of a stricter security posture?  Help me establish some rules so we can avoid this kind of bickering in the future.

thx
-brad

