Loading…
September 11-14, 2017 - Los Angeles, CA
Click Here For Information & Registration
View analytic
Monday, September 11 • 11:00am - 11:40am
Signing Linux Executables for Fun and Security - Matthew Garrett, Google

Sign up or log in to save this to your schedule and see who's attending!

Linux is not free from malware or the threat of targeted attacks, and so there are many circumstances where being able to control which executables may be run on a system is a benefit. But simply restricting a system to run only whitelisted binaries isn't practical - there are multiple legitimate reasons to run custom binaries locally, and the existence of interpreted languages makes things even more complicated.

This presentation will describe the use of Linux's Integrity Measurement Architecture and its support for providing and enforcing binary signatures. It will then describe how this may be integrated with existing security modules to provide a cryptographically enforced policy that allows for fine-grained executable permission levels allowing the creation of a secure Linux environment that still allows local customisation.

Speakers
MG

Matthew Garrett

Staff Security Developer, Google
Matthew Garrett is a security developer at Google, working on infrastructural security for Linux desktop and mobile platforms.


Monday September 11, 2017 11:00am - 11:40am
Gold 1
Feedback form isn't open yet.

Attendees (12)