Name: How To Write A Linux Security Module That Makes Sense For You - Casey Schaufler, The Smack Project
Start: 2016-10-04T16:50:00+0200
End: 2016-10-04T17:40:00+0200

October 4-6 in Berlin, Germany
Register Now for LinuxCon+ContainerCon Europe

Back To Schedule

How To Write A Linux Security Module That Makes Sense For You - Casey Schaufler, The Smack Project

The traditional Linux security model traces it's fundamentals to the mini-computers of the 1970's. It makes a lot of sense for a machine without a network connection, shared by a handful of friendly collaborators. Linux security modules (LSM) were introduced to address the needs of high security environments. This talk will teach you what you can do with a Linux security module, and what you can't, the difference between a major module and a minor one. Techniques for implementing access controls on files, IPC and sockets will be covered, as will the underlying mechanisms required to maintain the data needed. The difference between inode based schemes and path name based ones will be made clear. In the end you'll have the tools you need to create a module that protects what you care about instead of what seemed like a good idea to a government researcher during the Cold War.

Speakers

Casey Schaufler

Engineer, Intel

Casey Schaufler worked on Unix kernels in the 1970s-90s. He has implemented access control lists, mandatory access control, extended filesystem attributes, X11 access controls, network protocols and audit systems. His involvement in Linux began with the Linux Security Module work... Read More →

Tuesday October 4, 2016 16:50 - 17:40 CEST
Hugos South

Developer View all LinuxCon Sessions

LinuxCon+ContainerCon Europe 2016

Casey Schaufler

Attendees (19)

LinuxCon+ContainerCon Europe 2016

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Casey Schaufler

Attendees (19)