LSM Stacking - Current Capabilities and Future Plans
Offered By: Linux Foundation via YouTube
Course Description
Overview
Explore the evolution and future of Linux Security Module (LSM) stacking in this 30-minute conference talk by Casey Schaufler from Intel. Learn about the advancements made since the Linux kernel 5.1, which introduced infrastructure blob management, enabling limited sharing of extended system security data and greater flexibility in combining security modules. Discover the current capabilities for data sharing, upcoming plans for expanding shareable blobs, and the ultimate goal of complete module stacking. Gain insights into restricted stacking, infrastructure managed blobs, compound contexts, classic context choices, enhanced audit data, netlabel, secmarks, and labeled NFS4. Engage with the speaker's invitation for feedback on plans and suggestions for improvements in this Linux Foundation presentation.
Syllabus
Linux Security Modules
LSM Types
Restricted Stacking
Infrastructure Managed Blobs (5.3)
Goals
Infrastructure Managed Blobs (5.X)
Compound Contexts
Classic Contexts - Choices
Enhanced Audit Data
Infrastructure Managed Blobs (5.Y)
Netlabel
Secmarks
Labeled NFS4
Taught by
Linux Foundation
Tags
Related Courses
An Introduction to Computer NetworksStanford University via Independent Computer Networks
University of Washington via Coursera Computer Networking
Georgia Institute of Technology via Udacity Cybersecurity and Its Ten Domains
University System of Georgia via Coursera Model Building and Validation
AT&T via Udacity