Back To Schedule
Tuesday, September 17 • 11:45am - 12:35pm
Namespaces for Security - Jake Edge, LWN.net

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Namespace support has been growing in the Linux kernel, so there are now a number of ways that namespaces can be used to help protect Linux systems from exploits. Using namespaces (in particular, the mount, network, PID, and user namespaces) can isolate processes in ways that will prevent some types of vulnerabilities from compromising more of the system. Namespaces can be used as part of a "defense in depth" strategy to avoid the harm (or most of the harm) from exploits of vulnerable user-space applications.

This talk will be for Linux developers, particularly "system level" developers. It will assume some knowledge of C and Linux, but not require in-depth knowledge of either. Participants can expect to come away with a good foundation on what namespaces are and can do, along with concrete ideas of how to use namespaces in their projects. 


Jake Edge

Editor, LWN.net
After 20 years as a software engineer Jake Edge joined LWN.net as a full-time editor in 2007. Prior to LWN, he did development of system-level software, mostly on Linux after 1994 or so. Jake puts together the weekly LWN Security page as well as writing on other topics of interest... Read More →

Tuesday September 17, 2013 11:45am - 12:35pm
Celestin A

Attendees (0)