A gentle introduction into the security concepts offered by modern POSIX systems: Kernel Sandboxing and Privilege Separation
This talk will cover two concepts that are crucial in modern applications: Sandboxing and Process Separation, as well as the combination and necessity of these two.
As programmers, we often make tiny silly mistakes. Tiny silly mistakes, that lead to unnoticeable bugs, which might be exploited in the most dangerous and ugliest ways. Acknowledging this fact, by restricting the powers of a process, makes the impact of potential exploits much harder.
After this talk, the audience will know about the necessity of sandboxing, the history of security in operating systems in general, as well as the current mechanisms used to secure modern applications.