2022-10-11 Security Subcommittee Meeting Notes
- Paweł Pawlak
Please find below the Minutes of Meetings and recording for the SECCOM meeting that was held on 11th of October 2022.
Jira No | Summary | Description | Status | Solution |
|---|---|---|---|---|
| TSC elections | ongoing - Voting will automatically end at 23:59 pacific time on Wednesday, Oct. 12th, 2022. |
|
|
| Logging and security update – Byung | Application should not handle non functional requirement, should be delegated to platfom level. Deamon set is used and it should be avoided (as having root privilege user) – to be discussed with Bob. |
| How to distribute FluentBit to each node without root access. |
| Architecture Subcommittee | multitenancy – major discussion area:
SDC started some tests for multitenanacy. In case of SQL injection big problem potentially. |
| Byung to work with Andreas on updates tomorrow. |
| TSC meeting (October 6th) | TSC approves the Kohn M4 milestone as being met with the following exceptions to be completed by the RC milestone: INT-2145, INT-2146, & OPTFRA-1093. |
|
|
| PTL meeting (October 10th) | Packages upgrade – DMaaP whitelisting results for some AT&T packages where no upgrade is expected. https://lf-onap.atlassian.net/wiki/display/DW/Release+Planning%3A+London |
|
|
| New repo is needed | Not only PTL might request for a repo. Sub- repo from unmaintained project (owner: David MCbride) could be used as well as OJSI. |
|
|
| DTF SECCOM topics | Expectations for multiproject topics:
|
|
|
| Security asessment questionaire | Ongoing Tony with Vijay for DCAE, some adjustments needed. |
|
|
| Gerrit reviews | Presentation delivered by Tony to PTLs meeting - ongoing eschanges with several PTLs inb the contect of London efforts. |
|
|
| Daylight saving time | To be further elaborated. In US in the week of November 4th, last weekend of October for Europe/Poland. |
|
|
| SECCOM MEETING CALL WILL BE HELD ON 18th OF October'22. |
|
|
|
Recordings:
SECCOM presentation:
