TSC Meeting Zoom link
...
Attendees | |
Name | Company |
Daniel Havey | Microsoft |
Cindy Wan | Microsoft |
Dave Thaler | Microsoft |
Jason Niesz | Walmart |
VM (Vicky) Brasseur | Wipro |
Walmart | |
Santhosh Fernandes | Walmart |
Eric Tice | Wipro |
Dhivya R | Walmart |
LF Staff: LJ Illuzzi
Agenda
Meeting note taker
Welcome to new attendees
- Wipro engagement
OpenSSF Best Practices badge
- Next Release- whats needed to achieve a release? Documentation?
- Community Growth - Blog Post based on eBPF Day May, and previous collateral
General Topics (cover as needed)
Use Cases
Roadmap
Project structure
Governance
Technical Steering Committee
- PRs
- Cilium's custom tail call findings - Satya
- Upcoming time off:
- LJ: June 15 (DTF in Porto) - proposal to cancel due to DTF
- LJ: June 22 (vacation)
Minutes/Updates
- WiPro engagement
- Eric - Will be looking for a replacement on the TSC
- Will continue to attend and be helpful in the interim.
- Vicky - Need to step back as well for a while.
- Ping if needed.
- OpenSSF best practices badge
- Group session to fill out form.
- fixed: New functionality question 1 needs the correct "cut and paste"
- fixed: Question 3 needs the same fix
- Look at warnings. Are they addressed?
- Are all build warnings turned on?
- Next Release - roadmap planning
- Need a serious look at feature and release cadence
- Need to grow contributors
- Leverage the eBPF day presentation for blogpost
- Release that we can put out on media
- Highlight Santhosh's L3AF presentation into a blog.
- Ongoing agenda item.
- PRs:
- WinZip - go ahead and merge...merged
- Increase test coverage - added go tests to increase coverage - please review!
- Please don't check in l3afd as a binary.
- Integrating with demo
- If I'm unpriv and I log on to the local machine, then how do we block elevation of privilege?
- How does l3afd know to not accept the restful request from someone who is not an admin?
- To update you need to be an admin.
...
- Not implemented - must use https to modify stuff from local loopback
- Make sure that this gets implemented
- Not implemented - must use https to modify stuff from local loopback
- Security vulnerability - unpriv user can get root access by installing an eBPF program.
- Need a separate issue for the prod env?
- Yes, prod env is not documented and we need to add a README.md for it.
- Action item to file the issue: Jason Niesz
- June 15th DTF in Puerto.
- Cancelling this meeting so that we can watch?
- Discuss next week
- Cancelling this meeting so that we can watch?