Sandboxing in Linux with Zero Lines of Code
Offered By: Linux Foundation via YouTube
Course Description
Overview
Explore Linux sandboxing techniques without writing code in this 49-minute conference talk by Ignat Korchagin from Cloudflare. Delve into the problem of process isolation, understand process startup stages, and examine a concrete example. Learn about protecting against readbystand, distributing lib sandbox, combining approaches, including dynamic libraries, filtering and collecting system calls, and setting sandbox limits. Discover how to modify allowed or blocked system calls and understand the implications of sandboxing executables. Gain valuable insights into enhancing security and process isolation in Linux environments through this informative presentation from the Linux Foundation.
Syllabus
Introduction
The Problem
Overview
Process Startup Stages
Concrete Example
Questions
Answering Questions
How do you protect against readbystand
Is lib sandbox distributed by distros
Can we use both approaches
How to include dynamic libraries
How to filter system calls
How to collect system calls
How to sandboxify a limit
Can you change allowed or blocked system calls
What happens when you try to sandbox an executable
Out of question
Outro
Taught by
Linux Foundation
Tags
Related Courses
Linux Server Management and SecurityUniversity of Colorado System via Coursera Cybersecurity Roles, Processes & Operating System Security
IBM via Coursera Operating Systems and Security
IBM via edX Linux Security and Hardening, The Practical Security Guide.
Udemy The Complete Cyber Security Course : Hackers Exposed!
Udemy