[Testing] Security mtg minutes, 10/11/07

Kim Quirk kim at laptop.org
Sat Oct 13 23:25:29 EDT 2007


Attending: Wad, CJB, Danny, Jim, Kim, Scott, Michael, Walter, SJ, Alex
(http://laptop.org/teamwiki/index.php/Team:Security_Meeting_2007-10-11)


*Activation:*

   - We have three possible directions forward:
      a. No activation.
      b. Activation w/ no Bentham and no mfg-data from Quanta.
      c. Activation w/ no Bentham and manual data drops from Quanta.

     Item (a) is ugly but we may not be able to take the risk of (b) or (c).
     Item (b) is how c_scott and m_stone are proceeding. (ask c_scott for
     details)
     Item (c) will not work with the plan for item (b).

     Item (b) imposes substantial time-requirements (minimum 3 weeks) on
     djbclark. We are not sure of the requirements on djbclark for item (c).


Containerization update:

 * Scott has made a build branch named 'rainbow' for containerization work.

 * Rainbow is correctly included in this build but the kernel and pyvserver
   are not being installed in their correct versions. This should be easy to
   fix, but we cannot test the build until this works correctly.

 * When correct versions of pyvserver and the kernel are installed, the build
   will almost certainly be broken due to changes I requested in the activity
   launching protocol. After I fix this breakage, large-scale activity-fixing
   can begin in earnest.

Secure reflash:

 * We agree that the epoch and key-rollover mechanisms are adequate.

Network updates:

 * Looking very good - we recently got XO-XO updates working.

 * Does not play well with unreliable connections.


Vserver & Kernel update:

 * Storm clouds loom in the future - vserver and 2.6.23 don't yet mix.

 * cjb and Bertl are willing to work together on better regression testing but
   cjb doesn't have time.

 * Bertl is willing to fly out to 1CC if we ask, but doesn't think that it's
   worth it.

 * JFFS2 disk accounting is in bad shape.


*Mtg notes:*

*Activation*

   - Walter: Quanta is going to be recording data for their own business;
   we should be able to require this data from them.
   - Scott: Yes, but there is some risk in this. If we don't get this
   data accurately for any one laptop, that laptop would be a brick. Here is
   the manual process that doesn't require mfg data:


   1. Go to each machine and get UUID and SN from a USB stick
   2. Send this info securely to OLPC to get activation leases
   3. Put the activation lease on laptop


   - This doesn't preclude the ability to add more and more security
   (Getting mfg data from quanta, getting bentham up and running, add HSM,
   etc).
   - Use ssl from the laptop (or deployment team) to OLPC global server.
   - Walter has stated that we will not need instant turnarounds for
   activation, and that deployment teams will have sat phones or some internet
   connection.
   - Lease mgmt depends on the local clock, but initial activation does
   not. Trac item added 4181.
   - This brought up the question about what happens when/if battery dies
   and clock stops.


   - Need to sit with Scott, Alex, Kim, Michael on the test plan.

Deployment Updates:

   - Need to be able to supply upgrade sticks as basic upgrade w/o
   network connectivity.
   - Would like to be able to update the laptop during boot with an extra
   button push.
   - Could type update command in virtual terminal.


   - Need to sit with Michael, Alex, and Kim to discuss a test plan and
   logging tools for testing rainbow containerization: Traces, standard I/O,
   strace log.


   - olpc-update -l (lists all available builds); and other new commands.

   - Activities that are started from sugar will be containerized


   - The thing we are trying to get working for FRS is that activities
   have limited internet and filesystem access.
   - Two obstacles:
      - Base system into a build
      - Some activities don't load and will need special attention


   - Scott, Michael, CJB, reported on build machine and creating builds.
   - Michael recommended a one day TEST strategy/planning day. Scott
   suggested it be early next week.