Secure the Linux Kernel with eBPF Linux Security Module - Vandana Salve, Independent Consultant
672 بار بازدید -
9 ماه پیش
-
Secure the Linux Kernel with
Secure the Linux Kernel with eBPF Linux Security Module - Vandana Salve, Independent Consultant
Linux security module (LSM) is a hook-based framework for implementing security policies and Mandatory Access Control in the Linux kernel. Until recently users looking to implement a security policy had just two options. Configure an existing LSM module such as AppArmor or SELinux, or write a custom kernel module. With LSM-BPF, it allows developers to write granular policies without configuration or loading a kernel module. LSM BPF programs are verified on load, and then executed when an LSM hook is reached in a call path. This presentation will focus on finding and leveraging BPF LSM security hooks to implement MAC or DAC policies into the Linux kernel.
Linux security module (LSM) is a hook-based framework for implementing security policies and Mandatory Access Control in the Linux kernel. Until recently users looking to implement a security policy had just two options. Configure an existing LSM module such as AppArmor or SELinux, or write a custom kernel module. With LSM-BPF, it allows developers to write granular policies without configuration or loading a kernel module. LSM BPF programs are verified on load, and then executed when an LSM hook is reached in a call path. This presentation will focus on finding and leveraging BPF LSM security hooks to implement MAC or DAC policies into the Linux kernel.
9 ماه پیش
در تاریخ 1402/07/12 منتشر شده
است.
672
بـار بازدید شده