August 27 - 28 - Vancouver, BC, Canada
Click for Information & Registration
Sub-system Update [clear filter]
Monday, August 27

4:50pm PDT

Sub-system Update: AppArmor Update 2018 - John Johansen, Canonical
This talk provides an update of the current state of the AppArmor project. It will look at new features, and miscellaneous changes developed over the last year, as well as a look at the current work in progress.

avatar for John Johansen

John Johansen

Software Engineer, Canonical
John Johansen began working with open source software in the late 80s and began playing with Linux in 93. He completed a masters in mathematics at the University of Waterloo and the began working for Immunix doing compiler hardening, and then AppArmor. After Immunix was acquired by... Read More →

Monday August 27, 2018 4:50pm - 5:00pm PDT
Room 301
  Sub-system Update
  • Experience Level Any

5:00pm PDT

Sub-system Update: State of SELinux - Paul Moore, Red Hat
This is the annual "State of SELinux" presentation where the past year of SELinux related development is presented as well as current and expected future work.

avatar for Paul Moore

Paul Moore

Principal Software Engineer, Microsoft Corporation
Paul Moore has been involved in various Linux platform security efforts since 2004 at Hewlett-Packard, Red Hat, Cisco, and Microsoft. He currently maintains the Linux Security Module (LSM) layer as well as the SELinux, audit, and labeled networking subsystems in the Linux Kernel... Read More →

Monday August 27, 2018 5:00pm - 5:10pm PDT
Room 301

5:10pm PDT

Sub-system Update: Smack Update 2018 - Casey Schaufler, Intel
This talk will provide an update on the current state and activity in the Smack Linux Security Module.

avatar for Casey Schaufler

Casey Schaufler

Engineer, Intel
Casey Schaufler worked on Unix kernels in the 1970s-90s. He has implemented access control lists, mandatory access control, extended filesystem attributes, X11 access controls, network protocols and audit systems. His involvement in Linux began with the Linux Security Module work... Read More →

Monday August 27, 2018 5:10pm - 5:20pm PDT
Room 301
  Sub-system Update
  • Experience Level Any

5:20pm PDT

Sub-system Update: Linux Integrity Status Update - Mimi Zohar, IBM
The integrity subsystem status update will provide an overview of the new features and other changes upstreamed this past year, as well as discuss current and future development.


Mimi Zohar

Mimi Zohar is a researcher at the IBM T.J. Research Center. Her current interests are in the areas of system security and integrity She is the linux-integrity subsystem maintainer.

Monday August 27, 2018 5:20pm - 5:30pm PDT
Room 301
  Sub-system Update
  • Experience Level Any

5:30pm PDT

Sub-system Update: Kernel Self-Protection Project - Kees Cook, Google
This presentation will cover the year-in-review of the Kernel Self-Protection Project since the last Linux Security Summit NA, including an overview of all the security defenses landed in kernels 4.14 through 4.18. Some highlights are vmapped stacks, structure randomization, SLUB freelist obfuscation, set_fs() checking, fast refcount_t protection, Page Table Isolation, usercopy whitelisting, VLA removals, and the stackleak plugin.

We'll also take a quick look at the evolution of kernel CVE lifetimes, find out what defenses are still under development, and note some areas where help is still needed.

avatar for Kees Cook

Kees Cook

Kernel Security Software Engineer, Google
Kees Cook has been working with Free Software since 1994, has been a Debian Developer since 2007, and has been a member of the Linux Kernel Technical Advisory Board since 2019. He is currently employed as a Linux kernel security engineer by Google, focusing on upstream kernel security... Read More →

Monday August 27, 2018 5:30pm - 5:40pm PDT
Room 301
Filter sessions
Apply filters to sessions.