Explore the latest developments in the Landlock security module for Linux in this 48-minute conference talk by Günther Noack from Google. Gain insights into Landlock's current features and recent advancements, with a particular focus on the new support for restricting IOCTL usage. Understand how Landlock empowers developers to define appropriate sandboxing policies for their programs, enhancing security and control. Delve into the design considerations and trade-offs involved in implementing IOCTL support, and learn about the future directions of this powerful security tool. Discover how Landlock is revolutionizing process restriction in Linux and equipping developers with more granular control over their applications' security profiles.
Overview
Syllabus
Update on Landlock: IOCTL Support - Günther Noack, Google
Taught by
Linux Foundation