The Linux Security Module (LSM) infrastructure has gone through some
major changes recently, and has more in the pipeline. This session will
describe the overhaul introduced in 4.2 and outline the upcoming work. How the
changes are going to make it easier to implement modern notions of access
control and how to bring hard to justify features into the system are
described. Includes many forward looking statements.
Casey Schaufler started programming Unix kernels at the end of the 1970's, when megabytes were for disc drives and C was still written in K&R style. He started working on system security in the Orange Book era, contributing to SunOS/MLS, Trusted Irix and the POSIX P1003.1e/2c drafts. During this time he implemented access control lists, mandatory access control, extended filesystem attributes, X11 access controls, network protocols and more audit systems than is really healthy. His involvement in Linux began with the Linux Security Module work at the turn of the century, but was off the mainstream until he introduced the Smack LSM in 2007. Casey has worked on MeeGo, Tizen and other lesser known system products. Most recently, he reworked the LSM infrastructure as the initial stage in supporting multiple concurrent modules.
Casey lives on the California coast, just south of San Francisco. He is employed at Intel's Open Source Technology Center.
Geelong is Victoria's second largest city, located on Corio Bay, and within a short drive from popular beach-front communities on the Bellarine Peninsula as well as being the gateway to the famous Great Ocean Road
linux.conf.au is widely regarded by delegates as one of the best community run Linux conferences worldwide and is the largest Linux and Open Source Software conference in the Asia-Pacific.
Our Sponsors help make linux.conf.au become the awesome conference everyone comes back to year after year. Come see who's on board this year, or find out how to get in contact with us