Designing to the Worst Case Scenario - Practical System Call Filtering with Seccomp - Simon Goda, Doulos Ltd
In this talk we look at how we can protect our embedded Linux systems by running potentially vulnerable applications (e.g. those that require user input or open files) with system call filtering in place. The kernel’s seccomp feature and the corresponding user space libseccomp library can be used to limit and control the system calls a process can make. If the application is compromised in some way and attempts to do something undesirable, it can be stopped in its tracks! We will look at how to do this directly by launching the application as a child process. We’ll also see how these filters can be put in place at a system level using systemd, or in an isolated execution environment using (for example) LXC containers. This talk extends an earlier short presentation, “Confining Linux Applications with LibSeccomp”, which was presented at the IoT Security Foundation 8th Annual Conference in October 2022.
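The "launch it as a confined child process" approach described above, as an added example that is not part of the talk or of libseccomp: the parent forks, the child installs a syscall allow-list and then runs the untrusted code, and the parent reports whether the child finished or was killed by the filter. It uses the raw `prctl()`/seccomp-BPF interface instead of libseccomp so it builds with only the Linux kernel headers; the assumptions are a Linux x86_64 or aarch64 build, and the helper names (`build_allowlist`, `install_allowlist`, `run_confined`, the two `demo_*` functions) are this example's own.

```c
/* Added example, not from the talk: a seccomp-BPF allow-list installed in a
 * forked child before the untrusted code runs. Assumes Linux on x86_64 or aarch64. */
#include <fcntl.h>
#include <signal.h>
#include <stddef.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/seccomp.h>

#if defined(__x86_64__)
#define SANDBOX_ARCH AUDIT_ARCH_X86_64
#elif defined(__aarch64__)
#define SANDBOX_ARCH AUDIT_ARCH_AARCH64
#else
#error "this example only covers x86_64 and aarch64 syscall tables"
#endif

#ifndef SECCOMP_RET_KILL_PROCESS          /* older kernel headers only define KILL (thread) */
#define SECCOMP_RET_KILL_PROCESS 0x80000000U
#endif

#define MAX_ALLOWED 32
#define PROGRAM_CAPACITY (2 * MAX_ALLOWED + 5)

/* Constructed allow-list used by the demos below: write to a fd, and exit. */
const int ALLOW_WRITE_EXIT[] = { SYS_write, SYS_exit_group };
const size_t N_ALLOW_WRITE_EXIT = 2;

static struct sock_filter stmt(unsigned short code, unsigned int k)
{
    struct sock_filter f = { code, 0, 0, k };
    return f;
}

static struct sock_filter jump(unsigned short code, unsigned int k, unsigned char jt, unsigned char jf)
{
    struct sock_filter f = { code, jt, jf, k };
    return f;
}

/* Emit a classic-BPF program: kill the process unless the syscall number is in `allowed`.
 * `prog` must hold PROGRAM_CAPACITY entries. Returns the instruction count (2n + 5). */
size_t build_allowlist(struct sock_filter *prog, const int *allowed, size_t n_allowed)
{
    size_t i = 0;
    /* Refuse foreign ABIs first: syscall numbers differ between architectures,
     * so an allow-list checked against the wrong table is meaningless. */
    prog[i++] = stmt(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, arch));
    prog[i++] = jump(BPF_JMP | BPF_JEQ | BPF_K, SANDBOX_ARCH, 1, 0);
    prog[i++] = stmt(BPF_RET | BPF_K, SECCOMP_RET_KILL_PROCESS);
    /* Load the syscall number; each allowed entry is "if equal, return ALLOW". */
    prog[i++] = stmt(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr));
    for (size_t k = 0; k < n_allowed; k++) {
        prog[i++] = jump(BPF_JMP | BPF_JEQ | BPF_K, (unsigned int)allowed[k], 0, 1);
        prog[i++] = stmt(BPF_RET | BPF_K, SECCOMP_RET_ALLOW);
    }
    prog[i++] = stmt(BPF_RET | BPF_K, SECCOMP_RET_KILL_PROCESS);  /* default: deny */
    return i;
}

/* Convenience for checking program size without exposing the buffer. */
size_t allowlist_program_len(const int *allowed, size_t n_allowed)
{
    struct sock_filter prog[PROGRAM_CAPACITY];
    return build_allowlist(prog, allowed, n_allowed);
}

/* Install the filter in the calling process. Returns 0 on success, -1 on failure. */
int install_allowlist(const int *allowed, size_t n_allowed)
{
    struct sock_filter prog[PROGRAM_CAPACITY];
    if (n_allowed > MAX_ALLOWED)
        return -1;
    struct sock_fprog fprog = { .len = (unsigned short)build_allowlist(prog, allowed, n_allowed),
                                .filter = prog };
    /* no_new_privs lets an unprivileged process install a filter and stops a
     * setuid exec from shedding it. */
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0)
        return -1;
    if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &fprog) != 0)
        return -1;
    return 0;
}

/* Fork, confine the child, run `fn` inside it, and report the outcome:
 * the child's exit status (0 = fine, 127 = filter could not be installed),
 * or 128 + signal number if the child was killed (128 + SIGSYS for a filter hit). */
int run_confined(const int *allowed, size_t n_allowed, void (*fn)(void))
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        if (install_allowlist(allowed, n_allowed) != 0)
            _exit(127);
        fn();
        syscall(SYS_exit_group, 0);  /* direct syscall: exit_group is on the allow-list */
    }
    int status;
    if (waitpid(pid, &status, 0) != pid)
        return -1;
    if (WIFSIGNALED(status))
        return 128 + WTERMSIG(status);
    return WEXITSTATUS(status);
}

/* Demo bodies. The first only uses write(2); the second opens a file,
 * which glibc turns into open/openat, neither of which is allowed. */
void demo_write_only(void) { write(STDOUT_FILENO, "confined hello\n", 15); }
void demo_opens_file(void) { open("/dev/null", O_RDONLY); }

int main(void)
{
    printf("write-only child ended with %d\n", run_confined(ALLOW_WRITE_EXIT, N_ALLOW_WRITE_EXIT, demo_write_only));
    printf("file-opening child ended with %d (128+SIGSYS is %d)\n",
           run_confined(ALLOW_WRITE_EXIT, N_ALLOW_WRITE_EXIT, demo_opens_file), 128 + SIGSYS);
    return 0;
}
```

With libseccomp the same allow-list is `seccomp_init(SCMP_ACT_KILL_PROCESS)` followed by one `seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(write), 0)` per syscall and `seccomp_load(ctx)`; the library also emits the architecture check for you. For a real application the list is larger than two entries, and the practical way to build it is to run the program under `strace -c` (or the kernel's `SECCOMP_RET_LOG` action) through its full workload, then declare exactly what it used. The same list expressed declaratively is what systemd's `SystemCallFilter=` and `SystemCallArchitectures=` unit settings install.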
![](https://i.ytimg.com/vi/W9aew-8G6HI/maxresdefault.jpg)