Overview
Syllabus
Intro
What is it about?
State of security for applications nowadays
What is (security) sandboxing?
Why do we need sandboxing?
State of the art
Security features available in traditional Linux systems
Comparisons of different sandboxing mechanisms
What is Landlock?
Use cases
Current access-control features: filesystem
Automatic hierarchy restrictions
Interesting development properties
Landlock vocabulary
How to use Landlock?
Create a ruleset
Add rules
Enforce the ruleset
Developer tools
Kernel compatibility
Backward compatibility
Future-proofness
Roadmap (kernel-side)
Wrap-up
Taught by
Linux Foundation