OPERATING SYSTEMSOS Linux

Overview and Recent Developments: seccomp and Small Linux Security Modules – Kees Cook, Google

Overview and Recent Developments: seccomp and Small Linux Security Modules – Kees Cook, Google 

This will give a crash course in the history and usage of three areas of Linux kernel security: the seccomp syscall filtering subsystem, the Yama ptrace-restriction LSM, and the LoadPin kernel-file-reading restriction LSM.

About Kees Cook
Kees Cook has been working with Free Software since 1994, and has been a Debian Developer since 2007. He is currently employed as a Linux kernel security engineer by Google, working on Android and and Chrome OS. From 2006 through 2011 he worked for Canonical as the Ubuntu Security Team’s Tech Lead, and remains on the Ubuntu Technical Board. Before that, he worked as the lead sysadmin at OSDL, before it was the Linux Foundation. He has written various utilities including GOPchop and Sendpage, and contributes randomly to other projects including fun chunks of code in OpenSSH, Inkscape, Wine, MPlayer, and Wireshark. He’s been spending most of his time lately focused on security features in the Linux Kernel.

source

by The Linux Foundation

linux foundation