Security Working Group meeting today
Joseph Reynolds
jrey at linux.ibm.com
Thu Nov 12 00:58:45 AEDT 2020
This is a reminder of the OpenBMC Security Working Group meeting
scheduled for this Wednesday November 11 at 10:00am PDT.
Apologies if this is a duplicate email.
We'll discuss the following items on the agenda
<https://docs.google.com/document/d/1b7x9BaxsfcukQDqbvZsU2ehMq4xoJRQvLxxsDUWmAOI/edit>,
and anything else that comes up:
1.
Is OpenBMC ready to move from root to an admin account? See
https://gerrit.openbmc-project.xyz/c/openbmc/docs/+/33847
<https://gerrit.openbmc-project.xyz/c/openbmc/docs/+/33847>
2.
The PAM_ABL module https://github.com/deksai/pam_abl
<https://github.com/deksai/pam_abl>is no longer supported. We had
discussed using PAM_ABL to help prevent DoS.
3.
The CSIS
<https://www.cloudsecurityindustrysummit.org/#documents>published a
paper “A Case for a Trustworthy BMC
<https://cloudsecurityindustrysummit.s3.us-east-2.amazonaws.com/a-case-for-a-trustworthy-bmc.pdf>”
that gives recommendations for security. A section analyzes how
well the OpenBMC project meets these recommendations
<https://cloudsecurityindustrysummit.s3.us-east-2.amazonaws.com/a-case-for-a-trustworthy-bmc.pdf#h.h0igu5dbvaun>.
I’ve added this to the OpenBMC security wiki.
Access, agenda and notes are in the wiki:
https://github.com/openbmc/openbmc/wiki/Security-working-group
<https://github.com/openbmc/openbmc/wiki/Security-working-group>
More information about the openbmc
mailing list