Loading…
June 26-30, 2023
Prague, Czech Republic + Virtual
View More Details & Registration
Note: The schedule is subject to change.

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Embedded Open Source Summit 2023 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

This schedule is automatically displayed in Central European Summer Time (UTC/GMT +2). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date."

IMPORTANT NOTE: Timing of sessions and room locations are subject to change.

Back To Schedule
Friday, June 30 • 11:50 - 12:30
Designing to the Worst Case Scenario - Practical System Call Filtering with Seccomp - Simon Goda, Doulos Ltd

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
Feedback form is now closed.
In this talk we look at how we can protect our embedded Linux systems by running potentially vulnerable applications (e.g. those that require user input or open files) with system call filtering in place. The kernel’s Seccomp feature and the corresponding user space LibSeccomp library can be used to limit and control the system calls a process can make. If the application is compromised in some way and attempts to do something undesirable it can be stopped in its tracks! We will look at how to do this directly by launching application as a child process. We’ll also see how these filters can be put in place at a system level using SystemD or in an isolated execution environment using (for example) LXC containers. This talk extends an earlier short presentation “Confining Linux Applications with LibSeccomp” which was presented at the IoT Security Foundation 8th Annual Conference in October 2022.
Speakers
SG

Simon Goda

Senior Member of Technical Staff, Doulos Ltd
Simon Goda is a senior member of technical staff at Doulos, the world-renowned training provider for hardware and software design. He has been working with Linux in embedded systems for over 15 years, starting at STMicroelectronics (R&D) Ltd, supporting and training customers using... Read More →

SimonGodaEOSS23Final pdf
Friday June 30, 2023 11:50 - 12:30 CEST
South Hall 3C (Level 3)
  Embedded Linux Conference (ELC)