Explore techniques for enhancing application security through unmodified classic application confinement in this 50-minute conference talk by John Johansen and Georgia Garcia from Canonical. Delve into Canonical's use of snap application sandboxing to improve security without requiring application rewrites or modifications. Learn about various methods being implemented and tested to strengthen application confinement while maintaining user-friendliness. Discover approaches such as notifying userspace for policy updates and nuanced responses, application and file tagging, improved control over environment variables, and dynamic policy composition. Gain insights into balancing security measures with user experience in the context of running applications from confinement without modification.
Overview
Syllabus
Improving Unmodified Classic Application Confinement - John Johansen & Georgia Garcia, Canonical
Taught by
Linux Foundation