Security Working Group - Wednesday May 26 - results
Joseph Reynolds
jrey at linux.ibm.com
Thu May 27 04:59:57 AEST 2021
On 5/26/21 8:43 AM, Joseph Reynolds wrote:
> This is a reminder of the OpenBMC Security Working Group meeting
> scheduled for this Wednesday May 26 at 10:00am PDT.
>
> We'll discuss the following items on the agenda
> <https://docs.google.com/document/d/1b7x9BaxsfcukQDqbvZsU2ehMq4xoJRQvLxxsDUWmAOI/edit>,
> and anything else that comes up:
>
Bonus topic 0: We overviewed OpenBMC's security assurance documentation
at the start of the meeting.
> 1. Followup from last meeting re uboot, kexec, sysrq-trigger on ARM
> architecture.
We re-hashed the discussion, added new information, and added new concerns.
> 2. Interest in reviewing TLS protocols supported?
Yes. We discussed CBC ciphers and HMACs. Should we disable client
renegotiation?
Then we re-hashed the discussion about the HTTPS self-signed certificate
10 year duration.
Items added after the agenda was emailed:
3. user-manager: authentication & password management helper for
netipmid and bmcweb for non-root environment to drop direct PAM use.
Privilege separation and Master processes to handle users’ sessions
DISCUSSION:
Idea: Forward all authentication & password change & account change
requests to user-manager which would then need to be enhanced to check
authority when a request is made. Then phosphor-user-manager would need
root-like authority or a Linux capability to use PAM to change any
user’s password.
Does phosphor-user-manager also need to be (or work in tandem with) a
session manager? Then we can remove session management from IPMI
network and from BMCWeb, which would be modified to use user-manager.
Also consider how session-less unauthenticated host-IPMI would work.
- Joseph
>
>
> Access, agenda and notes are in the wiki:
> https://github.com/openbmc/openbmc/wiki/Security-working-group
> <https://github.com/openbmc/openbmc/wiki/Security-working-group>
>
> - Joseph
More information about the openbmc
mailing list