Security Working Group Meeting - Wed 14 October
timevortex at google.com
Wed Oct 14 06:06:08 AEDT 2020
This is a reminder of the OpenBMC Security Working Group meeting scheduled
for this Wednesday October 14 at 10:00am PDT.
We'll discuss the following items on the agenda
and anything else that comes up:
1. (Joseph): Follow up from 2020-8-19: Gerrit code review: BMCWeb webUI
login change: https://gerrit.openbmc-project.xyz/c/openbmc/bmcweb/+/35457
Question: What are the security risks of using the proposed config flag
1. Fingerprinting (leak information about the BMC’s manufacturer and
2. Attackers have an easier time getting the code to find and exploit
3. May make DoS easier.
2. (Joseph): Per
we agree on the approach? What security categories seem most important?
Access, agenda and notes are in the wiki:
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the openbmc