Security Working Group - Wednesday March 4

Joseph Reynolds jrey at
Tue Mar 3 11:05:13 AEDT 2020

This is a reminder of the OpenBMC Security Working Group meeting 
scheduled for this Wednesday March 4 at 10:00am PDT.

We'll discuss current development items, and anything else that comes up.

The current topics:

1. Proposal to add new Redfish roles for ServiceRep & OemRep. 2. 
Implement the Redfish PasswordChangeRequired property. 3. Proposal to 
delete BMCWeb sessions after some kinds of account changes.

4. Intel hackathon (pen test, code reviews, etc) results. 5. Security 
issue: BMCWEB_ENABLE_DBUS_REST=ON enables information leak

6. Discuss making contributions toward
for the May 2020 OpenBMC release based on Yocto 3.1.

Access, agenda, and notes are in the wiki:

- Joseph

More information about the openbmc mailing list