Overview
Explore a comprehensive conference talk on binary policy implementation using IMA and AppArmor at Google. Dive into the technical aspects of Google's approach to platform security for their vast fleet of developer machines. Learn about novel techniques for provenance-based policy on Linux workstations, including targeting IMA signatures and restricting executables from non-Google repositories. Discover the operational challenges of rolling out restrictive policies at scale, and gain insights into binary signing, execution control, and security domain transitions. Examine topics such as Santa, auditing, IMA EVM, extended attributes, keyring restrictions, and process tree complexities. Understand how Google addresses various security concerns, including untrusted vs. trusted executions, script handling, and log event management.
Syllabus
Introduction
Platform Security
Devices at Google
Execution Control
Santa
Upload
Linux
Experiment
Auditing
Protecting
Appraisal
IMA EVM
Extended Attributes
Signatures
Derivation
Demo
Keyring Restrictions
TLDR
Reboots
Keybinding Restrictions
Using Information
Triggering Appraisal
Untrusted vs Trusted
Trust Chapters
Scripts
Shebangs
NoNewPrivs
SECMark
IP Table
Roulette
Log Event
Log Pipeline
Process Trees are Messy
What's Next
Security Domain Transition
Binary Signing
Swift Signatures
Working with David Sanford
D Package
Taught by
Linux Foundation