Security Working Group - Wednesday March 4
Joseph Reynolds
jrey at linux.ibm.com
Tue Mar 3 11:05:13 AEDT 2020
This is a reminder of the OpenBMC Security Working Group meeting
scheduled for this Wednesday March 4 at 10:00am PDT.
We'll discuss current development items, and anything else that comes up.
The current topics:
1. Proposal to add new Redfish roles for ServiceRep & OemRep. 2.
Implement the Redfish PasswordChangeRequired property. 3. Proposal to
delete BMCWeb sessions after some kinds of account changes.
4. Intel hackathon (pen test, code reviews, etc) results. 5. Security
issue: BMCWEB_ENABLE_DBUS_REST=ON enables information leak
6. Discuss making contributions toward
https://github.com/openbmc/openbmc/wiki/Security-working-group#security-end-of-release-checklist
for the May 2020 OpenBMC release based on Yocto 3.1.
Access, agenda, and notes are in the wiki:
https://github.com/openbmc/openbmc/wiki/Security-working-group
- Joseph
More information about the openbmc
mailing list