Explore the intricacies of Seecomp, a Linux security tool, in this 19-minute talk by Kees Cook from Google, presented at a Linux Foundation event. Delve into the architecture, regression tests, and key features of Seecomp, including split phase implementation, ptrace ordering, serializing filters, and argument inspection. Learn about the tool's discoverable logging capabilities and gain insights from Cook's extensive experience in IoT security and Linux kernel development. Understand how Seecomp contributes to enhancing security measures in Linux systems and its potential impact on open-source software security.
Seecomp: Understanding Linux Kernel Security Features
Overview
Syllabus
Intro
What is Seecomp
Architecture support
Regression tests
Split phase
Ptrace ordering
Serializing filters
Argument inspection
Discoverable logging
Outro
Taught by
Linux Foundation
