CloudABI - Capability Based Security on Linux/Unix
Offered By: EuroPython Conference via YouTube
Course Description
Overview
Explore capability-based security on Unix systems with CloudABI in this EuroPython conference talk. Dive into the design principles of CloudABI, a POSIX-based computing environment that enhances security by restricting processes to only affect provided file descriptors. Learn how CloudABI removes APIs capable of acquiring global resources, requiring processes to be granted specific capabilities. Discover the benefits and trade-offs of this approach, including the ability to safely execute unknown binaries without containers or virtual machines. Gain insights into writing Python software for CloudABI, potential pitfalls to avoid, and the current and future status of this technology. Compare CloudABI to traditional Unix security models and understand its implementation across various operating systems, including BSD, Linux, and macOS.
Syllabus
Intro
Background
Problem
CloudABI
API Removal
Capability Tokens
Example Configuration
Future Possibilities
Questions
Taught by
EuroPython Conference
Related Courses
Introduction to LinuxLinux Foundation via edX 操作系统原理(Operating Systems)
Peking University via Coursera Internet of Things: Setting Up Your DragonBoard™ Development Platform
University of California, San Diego via Coursera Information Security-3
Indian Institute of Technology Madras via Swayam Introduction to Embedded Systems Software and Development Environments
University of Colorado Boulder via Coursera