Overview
Syllabus
Intro
Why Do You Want To Write A Linux Security Module? We already have terrific security
When Is A Linux Security Module The Right Choice? Add access control Things controlled by
Restrictive Controls
When Is A Linux Security Module The Wrong Choice?
What Are The Alternatives?
Security Module Don'ts
What Do You Want To Protect?
What Do You Want To Protect it From?
The Hooks And Blobs Of A Linux Security Module
Access Control Hooks
Hooks Are Bail On Fail
State Maintenance Hooks
Access Hook Return values
Infrastructure Managed Security Blobs
Module Details
Setting Blob Sizes
The Blob, the Secid and the Secctx
Lifecycle Management Of A secctx
Credentials
Tasks
proc//attr
Object Based Hooks
Inodes
Traditional File Security Attributes
Extended Attributes
IPC objects and Keys
CONFIG_SECURITY_PATH
Aliases
Symlinks
Hardlinks
Mounts
Mount Namespaces
Network Hooks
Network Labels - Secmark
Network Labels - NetLabel
Taught by
Linux Foundation