Overview and Recent Developments: Seccomp and Small Linux Security Modules

Explore a comprehensive overview of three key areas in Linux kernel security: the seccomp syscall filtering subsystem, the Yama ptrace-restriction LSM, and the LoadPin kernel-file-reading restriction LSM. Delve into the history and practical applications of these security mechanisms in this 23-minute conference talk presented by Kees Cook, a Linux kernel security engineer at Google. Gain insights from Cook's extensive experience in Free Software development, including his work on Android and Chrome OS, as well as his contributions to various open-source projects. Learn about the latest developments and best practices for implementing these security features to enhance the protection of Linux-based systems.

Overview and Recent Developments: seccomp and Small Linux Security Modules - Kees Cook, Google