Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Linux Foundation

Designing to the Worst Case Scenario - Practical System Call Filtering with Seccomp

Linux Foundation via YouTube

Overview

Explore practical system call filtering with Seccomp in this informative conference talk. Learn how to protect embedded Linux systems by implementing system call filtering for potentially vulnerable applications. Discover the kernel's Seccomp feature and the LibSeccomp library, which can limit and control process system calls. Understand how to launch applications as child processes with filters in place, and explore system-level implementation using SystemD or isolated execution environments like LXC containers. Gain insights into stopping compromised applications from performing undesirable actions. This talk builds upon the earlier presentation "Confining Linux Applications with LibSeccomp" from the IoT Security Foundation 8th Annual Conference in October 2022.

Syllabus

Designing to the Worst Case Scenario - Practical System Call Filtering with Seccomp - Simon Goda

Taught by

Linux Foundation

Reviews

Start your review of Designing to the Worst Case Scenario - Practical System Call Filtering with Seccomp

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.