SlideShare ist ein Scribd-Unternehmen logo

Linux Security APIs and the Chromium Sandbox (SwedenCpp Meetup 2017)

Patricia Aas
Patricia Aas

The Linux Security and Isolation APIs have become the basis of some of the most useful features server-side, providing the isolation required for efficient containers. However, these APIs also form the basis of the Chromium Sandbox on Linux, and we will study them in that context. This presentation goes more in depth on some key points from the NDC (2017) presentation.

Technologie
1 von 26
Downloaden Sie, um offline zu lesen
@pati_gallardo
Linux Security and How Web Browser Sandboxes Really Work Patricia Aas SweedenCpp Meetup C++ Stockholm 0x08 2017 @pati_gallardo
Patricia Aas Programmer - mainly in C++ and Java Currently : Vivaldi Technologies Previously : Cisco Systems, Knowit, Opera Software Master in Computer Science Twitter : @pati_gallardo
One Binary Browser Gpu BrokerZygote Renderer GpuZygote Init Clone/Exec * User/Pid/Net Fork/Exec * * NO_NEW_PRIVS ForkFork Clone
The Initial Sandbox @pati_gallardo
Windows of Opportunity Browser Gpu BrokerZygote Renderer GpuZygote Init Clone/Exec * User/Pid/Net Fork/Exec * * NO_NEW_PRIVS ForkFork Clone
Namespaces in use CLONE_NEWUSER No privilege is needed to create a USER NS, and in one we can create a PID NS without global privilege. CLONE_NEWPID Same PID number can represent different processes in different PID namespaces. One init (PID 1) process per PID NS CLONE_NEWNET Isolate a process from network @pati_gallardo Zygote + Renderer
At Clone : Create NAmespaces Clone flags define the process* created and will create namespaces (NS) for it 1. Test which NS are available 2. Fail if not sufficient 3. Construct the biggest supported and applicable set Emulates fork with longjmp * Also used to create threads @pati_gallardo Zygote + Renderer
int flags = CLONE_NEWUSER | CLONE_NEWPID | CLONE_NEWNET; jmp_buf env; if (setjmp(env) == 0) { return CloneAndLongjmpInChild(flags, ptid, ctid, &env); } @pati_gallardo chromium/base/process/launch_posix.cc Code Simplified To Illustrate
pid_t CloneAndLongjmpInChild(unsigned long flags, pid_t* ptid, pid_t* ctid, jmp_buf* env) { char stack_buf[PTHREAD_STACK_MIN]; void* stack = stack_buf + sizeof(stack_buf); return clone(&CloneHelper, stack, flags, env, ptid, nullptr, ctid); } @pati_gallardo chromium/base/process/launch_posix.cc Code Simplified To Illustrate
int CloneHelper(void* arg) { jmp_buf* env_ptr = reinterpret_cast<jmp_buf*>(arg); longjmp(*env_ptr, 1); // Should not be reached assert(false); return 1; } @pati_gallardo chromium/base/process/launch_posix.cc Code Simplified To Illustrate
Shrinking the Initial Sandbox @pati_gallardo
Shrinking the Sandbox Browser Gpu Broker Seccomp Zygote SYS_ADMIN Renderer Pid capset rlimit Gpu Seccomp Zygote Init User capset chroot Clone/Exec * User/Pid/Net Fork/Exec * * NO_NEW_PRIVS Done post fork ForkFork Clone
Seccomp BPF Program Program written in an assembly-like language to filter system-calls. Runs in a simple VM in kernel space. All syscalls will be filtered by this program TSYNC : Once a Seccomp Program is installed it applies to all threads in a process@pati_gallardo Renderer + Gpu + Broker
Seccomp : BPF Policies BPF Program defined in a Policy Fundamentally a whitelist, allows a set of syscalls and has custom handling of others. An extended Policy is generally more permissive 1. BaselinePolicy 1.1 GpuProcessPolicy 1.1.1 GpuBrokerProcessPolicy 1.2 RendererProcessPolicy @pati_gallardo Renderer + Gpu + Broker
void StartSandboxWithPolicy(sandbox::bpf_dsl::Policy* policy) { SandboxBPF sandbox(policy); assert(sandbox.StartSandbox()); } bool SandboxBPF::StartSandbox() { InstallFilter(); return true; } @pati_gallardo chromium/content/common/sandbox_linux/sandbox_seccomp_bpf_linux.cc chromium/sandbox/linux/seccomp-bpf/sandbox_bpf.cc Code Simplified To Illustrate
void SandboxBPF::InstallFilter() { CodeGen::Program program = AssembleFilter(); struct sock_filter bpf[program.size()]; const struct sock_fprog prog = { static_cast<unsigned short>(program.size()), bpf }; memcpy(bpf, &program[0], sizeof(bpf)); assert(prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) == 0); assert(seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_TSYNC, &prog) == 0); } @pati_gallardo chromium/sandbox/linux/seccomp-bpf/sandbox_bpf.cc Code Simplified To Illustrate
Chroot : Drop Access to FS - clone(CLONE_FS) a child process - Child chroot(”/proc/self/fdinfo/”) - Child immediately does a chdir(“/”) - Child does _exit(kExitSuccess) You can see this by looking at ls -l /proc/<pid>/root Of the Zygote or any ancestor Credentials::DropFileSystemAccess@pati_gallardo Zygotes + Renderer
bool ChrootToSafeEmptyDir() { pid_t pid = -1; char stack_buf[PTHREAD_STACK_MIN]; void* stack = stack_buf + sizeof(stack_buf); int clone_flags = CLONE_FS | LINUX_SIGCHLD; pid = clone(ChrootToSelfFdinfo, stack, clone_flags, nullptr); int status = -1; assert(HANDLE_EINTR(waitpid(pid, &status, 0)) == pid); return WIFEXITED(status) && WEXITSTATUS(status) == kExitSuccess; } @pati_gallardo chromium/sandbox/linux/services/credentials.cc Code Simplified To Illustrate
int ChrootToSelfFdinfo(void*) { assert(chroot("/proc/self/fdinfo/") == 0); assert(chdir("/") == 0); _exit(kExitSuccess); } @pati_gallardo chromium/sandbox/linux/services/credentials.cc Code Simplified To Illustrate
Trust is Relative Browser Gpu Broker Seccomp Zygote SYS_ADMIN Renderer Pid capset rlimit Gpu Seccomp Zygote Init User capset chroot Clone/Exec * User/Pid/Net Fork/Exec * * NO_NEW_PRIVS Done post fork ForkFork Clone No access to filesystem
vivaldi://sandbox @pati_gallardo
Sources Michael Kerrisk Book: The Linux Programming Interface Course: Linux Security and Isolation APIs Chromium/Kernel source + Linux Man Pages + lwn.net All Errors Are My Own
Linux Security and How Web Browser Sandboxes Really Work Patricia Aas, Vivaldi Technologies @pati_gallardo Photos from pixabay.com
Make Everyone Feel Safe To Be Themselves @pati_gallardo
Vivaldi Swag Patricia Aas, Vivaldi Technologies @pati_gallardo Photos from pixabay.com

Empfohlen

Linux Security and How Web Browser Sandboxes Really Work (Security Researcher...
Linux Security and How Web Browser Sandboxes Really Work (Security Researcher...Linux Security and How Web Browser Sandboxes Really Work (Security Researcher...
Linux Security and How Web Browser Sandboxes Really Work (Security Researcher...Patricia Aas
 
Linux Security and How Web Browser Sandboxes Really Work (NDC Oslo 2017)
Linux Security and How Web Browser Sandboxes Really Work (NDC Oslo 2017)Linux Security and How Web Browser Sandboxes Really Work (NDC Oslo 2017)
Linux Security and How Web Browser Sandboxes Really Work (NDC Oslo 2017)Patricia Aas
 
Install Nagios Core On CentOS 7
Install Nagios Core On CentOS 7Install Nagios Core On CentOS 7
Install Nagios Core On CentOS 7sharad chhetri
 
STM32 개발 환경 셋팅
STM32 개발 환경 셋팅STM32 개발 환경 셋팅
STM32 개발 환경 셋팅인호 최
 
Git
GitGit
Gitjnewland
 
Docker 1.10 1.11
Docker 1.10 1.11Docker 1.10 1.11
Docker 1.10 1.11dchaffiol
 
Basic Git Tutorial
Basic Git TutorialBasic Git Tutorial
Basic Git TutorialVicente Bolea
 
Building a scalable learning platform - Erik Veld - Codemotion Amsterdam 2018
Building a scalable learning platform - Erik Veld - Codemotion Amsterdam 2018Building a scalable learning platform - Erik Veld - Codemotion Amsterdam 2018
Building a scalable learning platform - Erik Veld - Codemotion Amsterdam 2018Codemotion
 

Empfohlen

Linux Security and How Web Browser Sandboxes Really Work (Security Researcher...
Linux Security and How Web Browser Sandboxes Really Work (Security Researcher...Linux Security and How Web Browser Sandboxes Really Work (Security Researcher...
Linux Security and How Web Browser Sandboxes Really Work (Security Researcher...Patricia Aas
 
Linux Security and How Web Browser Sandboxes Really Work (NDC Oslo 2017)
Linux Security and How Web Browser Sandboxes Really Work (NDC Oslo 2017)Linux Security and How Web Browser Sandboxes Really Work (NDC Oslo 2017)
Linux Security and How Web Browser Sandboxes Really Work (NDC Oslo 2017)Patricia Aas
 
Install Nagios Core On CentOS 7
Install Nagios Core On CentOS 7Install Nagios Core On CentOS 7
Install Nagios Core On CentOS 7sharad chhetri
 
STM32 개발 환경 셋팅
STM32 개발 환경 셋팅STM32 개발 환경 셋팅
STM32 개발 환경 셋팅인호 최
 
Git
GitGit
Gitjnewland
 
Docker 1.10 1.11
Docker 1.10 1.11Docker 1.10 1.11
Docker 1.10 1.11dchaffiol
 
Basic Git Tutorial
Basic Git TutorialBasic Git Tutorial
Basic Git TutorialVicente Bolea
 
Building a scalable learning platform - Erik Veld - Codemotion Amsterdam 2018
Building a scalable learning platform - Erik Veld - Codemotion Amsterdam 2018Building a scalable learning platform - Erik Veld - Codemotion Amsterdam 2018
Building a scalable learning platform - Erik Veld - Codemotion Amsterdam 2018Codemotion
 
nginx.conf - globo.com's live video platform for fifa world cup 14
nginx.conf - globo.com's live video platform for fifa world cup 14nginx.conf - globo.com's live video platform for fifa world cup 14
nginx.conf - globo.com's live video platform for fifa world cup 14Leandro Moreira
 
Qt native built for raspberry zero
Qt native built for raspberry zeroQt native built for raspberry zero
Qt native built for raspberry zeroSoheilSabzevari2
 
Git & G
Git & GGit & G
Git & GSangJung Woo
 
Git & GitHub
Git & GitHubGit & GitHub
Git & GitHubSangJung Woo
 
Zedroid - Android (5.0 and later) on Zedboard
Zedroid - Android (5.0 and later) on ZedboardZedroid - Android (5.0 and later) on Zedboard
Zedroid - Android (5.0 and later) on ZedboardIndustrial Technology Research Institute (ITRI)(工業技術研究院, 工研院)
 
Summit 16: ARM Mini-Summit - OpenFastPath is Open and Fast - Nokia
Summit 16: ARM Mini-Summit - OpenFastPath is Open and Fast - NokiaSummit 16: ARM Mini-Summit - OpenFastPath is Open and Fast - Nokia
Summit 16: ARM Mini-Summit - OpenFastPath is Open and Fast - NokiaOPNFV
 
WebRTC と Native とそれから、それから。
WebRTC と Native とそれから、それから。 WebRTC と Native とそれから、それから。
WebRTC と Native とそれから、それから。 tnoho
 
Istio - The life of a packet
Istio - The life of a packetIstio - The life of a packet
Istio - The life of a packetMatt Turner
 
Docker at Digital Ocean
Docker at Digital OceanDocker at Digital Ocean
Docker at Digital OceanCloud 66
 
GNOME on Android Dongle
GNOME on Android DongleGNOME on Android Dongle
GNOME on Android Dongleprinceofgiri
 
2
22
2Terra Girlando
 
OpenChain AutomotiveWG(OSS license tools()
OpenChain AutomotiveWG(OSS license tools()OpenChain AutomotiveWG(OSS license tools()
OpenChain AutomotiveWG(OSS license tools()Yuichi Kusakabe
 
Networks, Linux, Containers, Pods
Networks, Linux, Containers, PodsNetworks, Linux, Containers, Pods
Networks, Linux, Containers, PodsMatt Turner
 
Node Web Development 2nd Edition: Chapter2 Setup Node and NPM
Node Web Development 2nd Edition: Chapter2 Setup Node and NPMNode Web Development 2nd Edition: Chapter2 Setup Node and NPM
Node Web Development 2nd Edition: Chapter2 Setup Node and NPMRick Chang
 
Porting Tizen to open source hardware devices for beginners
Porting Tizen to open source hardware devices for beginnersPorting Tizen to open source hardware devices for beginners
Porting Tizen to open source hardware devices for beginnersLeon Anavi
 
Mastering in troubleshooting nfv
Mastering in troubleshooting nfvMastering in troubleshooting nfv
Mastering in troubleshooting nfvSadique Puthen
 
Understanding kube proxy in ipvs mode
Understanding kube proxy in ipvs modeUnderstanding kube proxy in ipvs mode
Understanding kube proxy in ipvs modeVictor Morales
 
Skyfall b sides-c00-l-ed5-sp-2013
Skyfall b sides-c00-l-ed5-sp-2013Skyfall b sides-c00-l-ed5-sp-2013
Skyfall b sides-c00-l-ed5-sp-2013Mauro Risonho de Paula Assumpcao
 
A Close Look at ARM Code Size
A Close Look at ARM Code SizeA Close Look at ARM Code Size
A Close Look at ARM Code SizeSamsung Open Source Group
 
Hardgroup - Raspberry PI #1
Hardgroup - Raspberry PI #1Hardgroup - Raspberry PI #1
Hardgroup - Raspberry PI #1Sebastian Pożoga
 
Advanced memory allocation
Advanced memory allocationAdvanced memory allocation
Advanced memory allocationJoris Bonnefoy
 
numPYNQ @ NGCLE@e-Novia 15.11.2017
numPYNQ @ NGCLE@e-Novia 15.11.2017numPYNQ @ NGCLE@e-Novia 15.11.2017
numPYNQ @ NGCLE@e-Novia 15.11.2017NECST Lab @ Politecnico di Milano
 

Weitere ähnliche Inhalte

Was ist angesagt?

nginx.conf - globo.com's live video platform for fifa world cup 14
nginx.conf - globo.com's live video platform for fifa world cup 14nginx.conf - globo.com's live video platform for fifa world cup 14
nginx.conf - globo.com's live video platform for fifa world cup 14Leandro Moreira
 
Qt native built for raspberry zero
Qt native built for raspberry zeroQt native built for raspberry zero
Qt native built for raspberry zeroSoheilSabzevari2
 
Summit 16: ARM Mini-Summit - OpenFastPath is Open and Fast - Nokia
Summit 16: ARM Mini-Summit - OpenFastPath is Open and Fast - NokiaSummit 16: ARM Mini-Summit - OpenFastPath is Open and Fast - Nokia
Summit 16: ARM Mini-Summit - OpenFastPath is Open and Fast - NokiaOPNFV
 
WebRTC と Native とそれから、それから。
WebRTC と Native とそれから、それから。 WebRTC と Native とそれから、それから。
WebRTC と Native とそれから、それから。 tnoho
 
Istio - The life of a packet
Istio - The life of a packetIstio - The life of a packet
Istio - The life of a packetMatt Turner
 
Docker at Digital Ocean
Docker at Digital OceanDocker at Digital Ocean
Docker at Digital OceanCloud 66
 
GNOME on Android Dongle
GNOME on Android DongleGNOME on Android Dongle
GNOME on Android Dongleprinceofgiri
 
OpenChain AutomotiveWG(OSS license tools()
OpenChain AutomotiveWG(OSS license tools()OpenChain AutomotiveWG(OSS license tools()
OpenChain AutomotiveWG(OSS license tools()Yuichi Kusakabe
 
Networks, Linux, Containers, Pods
Networks, Linux, Containers, PodsNetworks, Linux, Containers, Pods
Networks, Linux, Containers, PodsMatt Turner
 
Node Web Development 2nd Edition: Chapter2 Setup Node and NPM
Node Web Development 2nd Edition: Chapter2 Setup Node and NPMNode Web Development 2nd Edition: Chapter2 Setup Node and NPM
Node Web Development 2nd Edition: Chapter2 Setup Node and NPMRick Chang
 
Porting Tizen to open source hardware devices for beginners
Porting Tizen to open source hardware devices for beginnersPorting Tizen to open source hardware devices for beginners
Porting Tizen to open source hardware devices for beginnersLeon Anavi
 
Mastering in troubleshooting nfv
Mastering in troubleshooting nfvMastering in troubleshooting nfv
Mastering in troubleshooting nfvSadique Puthen
 
Understanding kube proxy in ipvs mode
Understanding kube proxy in ipvs modeUnderstanding kube proxy in ipvs mode
Understanding kube proxy in ipvs modeVictor Morales
 

Was ist angesagt? (20)

nginx.conf - globo.com's live video platform for fifa world cup 14
nginx.conf - globo.com's live video platform for fifa world cup 14nginx.conf - globo.com's live video platform for fifa world cup 14
nginx.conf - globo.com's live video platform for fifa world cup 14
 
Qt native built for raspberry zero
Qt native built for raspberry zeroQt native built for raspberry zero
Qt native built for raspberry zero
 
Git & G
Git & GGit & G
Git & G
 
Git & GitHub
Git & GitHubGit & GitHub
Git & GitHub
 
Zedroid - Android (5.0 and later) on Zedboard
Zedroid - Android (5.0 and later) on ZedboardZedroid - Android (5.0 and later) on Zedboard
Zedroid - Android (5.0 and later) on Zedboard
 
Summit 16: ARM Mini-Summit - OpenFastPath is Open and Fast - Nokia
Summit 16: ARM Mini-Summit - OpenFastPath is Open and Fast - NokiaSummit 16: ARM Mini-Summit - OpenFastPath is Open and Fast - Nokia
Summit 16: ARM Mini-Summit - OpenFastPath is Open and Fast - Nokia
 
WebRTC と Native とそれから、それから。
WebRTC と Native とそれから、それから。 WebRTC と Native とそれから、それから。
WebRTC と Native とそれから、それから。
 
Istio - The life of a packet
Istio - The life of a packetIstio - The life of a packet
Istio - The life of a packet
 
Docker at Digital Ocean
Docker at Digital OceanDocker at Digital Ocean
Docker at Digital Ocean
 
GNOME on Android Dongle
GNOME on Android DongleGNOME on Android Dongle
GNOME on Android Dongle
 
2
22
2
 
OpenChain AutomotiveWG(OSS license tools()
OpenChain AutomotiveWG(OSS license tools()OpenChain AutomotiveWG(OSS license tools()
OpenChain AutomotiveWG(OSS license tools()
 
Networks, Linux, Containers, Pods
Networks, Linux, Containers, PodsNetworks, Linux, Containers, Pods
Networks, Linux, Containers, Pods
 
Node Web Development 2nd Edition: Chapter2 Setup Node and NPM
Node Web Development 2nd Edition: Chapter2 Setup Node and NPMNode Web Development 2nd Edition: Chapter2 Setup Node and NPM
Node Web Development 2nd Edition: Chapter2 Setup Node and NPM
 
Porting Tizen to open source hardware devices for beginners
Porting Tizen to open source hardware devices for beginnersPorting Tizen to open source hardware devices for beginners
Porting Tizen to open source hardware devices for beginners
 
Mastering in troubleshooting nfv
Mastering in troubleshooting nfvMastering in troubleshooting nfv
Mastering in troubleshooting nfv
 
Understanding kube proxy in ipvs mode
Understanding kube proxy in ipvs modeUnderstanding kube proxy in ipvs mode
Understanding kube proxy in ipvs mode
 
Skyfall b sides-c00-l-ed5-sp-2013
Skyfall b sides-c00-l-ed5-sp-2013Skyfall b sides-c00-l-ed5-sp-2013
Skyfall b sides-c00-l-ed5-sp-2013
 
A Close Look at ARM Code Size
A Close Look at ARM Code SizeA Close Look at ARM Code Size
A Close Look at ARM Code Size
 
Hardgroup - Raspberry PI #1
Hardgroup - Raspberry PI #1Hardgroup - Raspberry PI #1
Hardgroup - Raspberry PI #1
 

Andere mochten auch

Advanced memory allocation
Advanced memory allocationAdvanced memory allocation
Advanced memory allocationJoris Bonnefoy
 
OCCIware, an extensible, standard-based XaaS consumer platform to manage ever...
OCCIware, an extensible, standard-based XaaS consumer platform to manage ever...OCCIware, an extensible, standard-based XaaS consumer platform to manage ever...
OCCIware, an extensible, standard-based XaaS consumer platform to manage ever...OCCIware
 
What in the World is Going on at The Linux Foundation?
What in the World is Going on at The Linux Foundation?What in the World is Going on at The Linux Foundation?
What in the World is Going on at The Linux Foundation?Black Duck by Synopsys
 
Communication hardware
Communication hardwareCommunication hardware
Communication hardwareHans Mallen
 
DevRomagna / Golang Intro
DevRomagna / Golang IntroDevRomagna / Golang Intro
DevRomagna / Golang IntroSimone Gentili
 
In-Memory Computing Essentials for Architects and Engineers
In-Memory Computing Essentials for Architects and EngineersIn-Memory Computing Essentials for Architects and Engineers
In-Memory Computing Essentials for Architects and EngineersDenis Magda
 
Walk through an enterprise Linux migration
Walk through an enterprise Linux migrationWalk through an enterprise Linux migration
Walk through an enterprise Linux migrationRogue Wave Software
 
Scale Up with Lock-Free Algorithms @ JavaOne
Scale Up with Lock-Free Algorithms @ JavaOneScale Up with Lock-Free Algorithms @ JavaOne
Scale Up with Lock-Free Algorithms @ JavaOneRoman Elizarov
 
[若渴計畫] Challenges and Solutions of Window Remote Shellcode
[若渴計畫] Challenges and Solutions of Window Remote Shellcode[若渴計畫] Challenges and Solutions of Window Remote Shellcode
[若渴計畫] Challenges and Solutions of Window Remote ShellcodeAj MaChInE
 
Graduating To Go - A Jumpstart into the Go Programming Language
Graduating To Go - A Jumpstart into the Go Programming LanguageGraduating To Go - A Jumpstart into the Go Programming Language
Graduating To Go - A Jumpstart into the Go Programming LanguageKaylyn Gibilterra
 
In-depth forensic analysis of Windows registry files
In-depth forensic analysis of Windows registry filesIn-depth forensic analysis of Windows registry files
In-depth forensic analysis of Windows registry filesMaxim Suhanov
 
SDN Architecture & Ecosystem
SDN Architecture & EcosystemSDN Architecture & Ecosystem
SDN Architecture & EcosystemKingston Smiler
 
Deep dive into Coroutines on JVM @ KotlinConf 2017
Deep dive into Coroutines on JVM @ KotlinConf 2017Deep dive into Coroutines on JVM @ KotlinConf 2017
Deep dive into Coroutines on JVM @ KotlinConf 2017Roman Elizarov
 

Andere mochten auch (20)

Advanced memory allocation
Advanced memory allocationAdvanced memory allocation
Advanced memory allocation
 
numPYNQ @ NGCLE@e-Novia 15.11.2017
numPYNQ @ NGCLE@e-Novia 15.11.2017numPYNQ @ NGCLE@e-Novia 15.11.2017
numPYNQ @ NGCLE@e-Novia 15.11.2017
 
OCCIware, an extensible, standard-based XaaS consumer platform to manage ever...
OCCIware, an extensible, standard-based XaaS consumer platform to manage ever...OCCIware, an extensible, standard-based XaaS consumer platform to manage ever...
OCCIware, an extensible, standard-based XaaS consumer platform to manage ever...
 
What in the World is Going on at The Linux Foundation?
What in the World is Going on at The Linux Foundation?What in the World is Going on at The Linux Foundation?
What in the World is Going on at The Linux Foundation?
 
Communication hardware
Communication hardwareCommunication hardware
Communication hardware
 
DevRomagna / Golang Intro
DevRomagna / Golang IntroDevRomagna / Golang Intro
DevRomagna / Golang Intro
 
In-Memory Computing Essentials for Architects and Engineers
In-Memory Computing Essentials for Architects and EngineersIn-Memory Computing Essentials for Architects and Engineers
In-Memory Computing Essentials for Architects and Engineers
 
Walk through an enterprise Linux migration
Walk through an enterprise Linux migrationWalk through an enterprise Linux migration
Walk through an enterprise Linux migration
 
Scale Up with Lock-Free Algorithms @ JavaOne
Scale Up with Lock-Free Algorithms @ JavaOneScale Up with Lock-Free Algorithms @ JavaOne
Scale Up with Lock-Free Algorithms @ JavaOne
 
[若渴計畫] Challenges and Solutions of Window Remote Shellcode
[若渴計畫] Challenges and Solutions of Window Remote Shellcode[若渴計畫] Challenges and Solutions of Window Remote Shellcode
[若渴計畫] Challenges and Solutions of Window Remote Shellcode
 
Graduating To Go - A Jumpstart into the Go Programming Language
Graduating To Go - A Jumpstart into the Go Programming LanguageGraduating To Go - A Jumpstart into the Go Programming Language
Graduating To Go - A Jumpstart into the Go Programming Language
 
Docker Networking
Docker NetworkingDocker Networking
Docker Networking
 
Server virtualization
Server virtualizationServer virtualization
Server virtualization
 
Virtualization
VirtualizationVirtualization
Virtualization
 
Go Execution Tracer
Go Execution TracerGo Execution Tracer
Go Execution Tracer
 
In-depth forensic analysis of Windows registry files
In-depth forensic analysis of Windows registry filesIn-depth forensic analysis of Windows registry files
In-depth forensic analysis of Windows registry files
 
OpenFlow
OpenFlowOpenFlow
OpenFlow
 
SDN Architecture & Ecosystem
SDN Architecture & EcosystemSDN Architecture & Ecosystem
SDN Architecture & Ecosystem
 
Deep dive into Coroutines on JVM @ KotlinConf 2017
Deep dive into Coroutines on JVM @ KotlinConf 2017Deep dive into Coroutines on JVM @ KotlinConf 2017
Deep dive into Coroutines on JVM @ KotlinConf 2017
 
Network Virtualization
Network VirtualizationNetwork Virtualization
Network Virtualization
 

Ähnlich wie Linux Security APIs and the Chromium Sandbox (SwedenCpp Meetup 2017)

Linux Security APIs and the Chromium Sandbox
Linux Security APIs and the Chromium SandboxLinux Security APIs and the Chromium Sandbox
Linux Security APIs and the Chromium SandboxPatricia Aas
 
Chromium Sandbox on Linux (NDC Security 2019)
Chromium Sandbox on Linux (NDC Security 2019)Chromium Sandbox on Linux (NDC Security 2019)
Chromium Sandbox on Linux (NDC Security 2019)Patricia Aas
 
Chromium Sandbox on Linux (BlackHoodie 2018)
Chromium Sandbox on Linux (BlackHoodie 2018)Chromium Sandbox on Linux (BlackHoodie 2018)
Chromium Sandbox on Linux (BlackHoodie 2018)Patricia Aas
 
Android 5.0 Lollipop platform change investigation report
Android 5.0 Lollipop platform change investigation reportAndroid 5.0 Lollipop platform change investigation report
Android 5.0 Lollipop platform change investigation reporthidenorly
 
Princeton Wintersession: Software Quality Assurance Tooling
Princeton Wintersession: Software Quality Assurance ToolingPrinceton Wintersession: Software Quality Assurance Tooling
Princeton Wintersession: Software Quality Assurance ToolingHenry Schreiner
 
How to Install Odoo 17 on Ubuntu.pdf
How to Install Odoo 17 on Ubuntu.pdfHow to Install Odoo 17 on Ubuntu.pdf
How to Install Odoo 17 on Ubuntu.pdfCanditRoot
 
Mod06 new development tools
Mod06 new development toolsMod06 new development tools
Mod06 new development toolsPeter Haase
 
Gorush: A push notification server written in Go
Gorush: A push notification server written in GoGorush: A push notification server written in Go
Gorush: A push notification server written in GoBo-Yi Wu
 
Beyond printk: Efficient Zynq UltraScale+ MPSoC Linux Debugging and Development
Beyond printk: Efficient Zynq UltraScale+ MPSoC Linux Debugging and DevelopmentBeyond printk: Efficient Zynq UltraScale+ MPSoC Linux Debugging and Development
Beyond printk: Efficient Zynq UltraScale+ MPSoC Linux Debugging and DevelopmentZach Pfeffer
 
Finding target for hacking on internet is now easier
Finding target for hacking on internet is now easierFinding target for hacking on internet is now easier
Finding target for hacking on internet is now easierDavid Thomas
 
Installing nagios core_from_source
Installing nagios core_from_sourceInstalling nagios core_from_source
Installing nagios core_from_sourcelaonap166
 
InterPlanetary File System (IPFS)
InterPlanetary File System (IPFS)InterPlanetary File System (IPFS)
InterPlanetary File System (IPFS)Gene Leybzon
 
Open-source Android 10 on Orange Pi: myth or reality?
Open-source Android 10 on Orange Pi: myth or reality?Open-source Android 10 on Orange Pi: myth or reality?
Open-source Android 10 on Orange Pi: myth or reality?GlobalLogic Ukraine
 
Hands-on Labs: Raspberry Pi 2 + Windows 10 IoT Core
Hands-on Labs: Raspberry Pi 2 + Windows 10 IoT CoreHands-on Labs: Raspberry Pi 2 + Windows 10 IoT Core
Hands-on Labs: Raspberry Pi 2 + Windows 10 IoT CoreAndri Yadi
 
Perl on embedded Linux with Buildroot‎
Perl on embedded Linux with Buildroot‎Perl on embedded Linux with Buildroot‎
Perl on embedded Linux with Buildroot‎François Perrad
 
26.1.7 lab snort and firewall rules
26.1.7 lab snort and firewall rules26.1.7 lab snort and firewall rules
26.1.7 lab snort and firewall rulesFreddy Buenaño
 

Ähnlich wie Linux Security APIs and the Chromium Sandbox (SwedenCpp Meetup 2017) (20)

Linux Security APIs and the Chromium Sandbox
Linux Security APIs and the Chromium SandboxLinux Security APIs and the Chromium Sandbox
Linux Security APIs and the Chromium Sandbox
 
Chromium Sandbox on Linux (NDC Security 2019)
Chromium Sandbox on Linux (NDC Security 2019)Chromium Sandbox on Linux (NDC Security 2019)
Chromium Sandbox on Linux (NDC Security 2019)
 
Chromium Sandbox on Linux (BlackHoodie 2018)
Chromium Sandbox on Linux (BlackHoodie 2018)Chromium Sandbox on Linux (BlackHoodie 2018)
Chromium Sandbox on Linux (BlackHoodie 2018)
 
Android 5.0 Lollipop platform change investigation report
Android 5.0 Lollipop platform change investigation reportAndroid 5.0 Lollipop platform change investigation report
Android 5.0 Lollipop platform change investigation report
 
Princeton Wintersession: Software Quality Assurance Tooling
Princeton Wintersession: Software Quality Assurance ToolingPrinceton Wintersession: Software Quality Assurance Tooling
Princeton Wintersession: Software Quality Assurance Tooling
 
How to Install Odoo 17 on Ubuntu.pdf
How to Install Odoo 17 on Ubuntu.pdfHow to Install Odoo 17 on Ubuntu.pdf
How to Install Odoo 17 on Ubuntu.pdf
 
Mod06 new development tools
Mod06 new development toolsMod06 new development tools
Mod06 new development tools
 
Gorush: A push notification server written in Go
Gorush: A push notification server written in GoGorush: A push notification server written in Go
Gorush: A push notification server written in Go
 
Beyond printk: Efficient Zynq UltraScale+ MPSoC Linux Debugging and Development
Beyond printk: Efficient Zynq UltraScale+ MPSoC Linux Debugging and DevelopmentBeyond printk: Efficient Zynq UltraScale+ MPSoC Linux Debugging and Development
Beyond printk: Efficient Zynq UltraScale+ MPSoC Linux Debugging and Development
 
Finding target for hacking on internet is now easier
Finding target for hacking on internet is now easierFinding target for hacking on internet is now easier
Finding target for hacking on internet is now easier
 
Installing nagios core_from_source
Installing nagios core_from_sourceInstalling nagios core_from_source
Installing nagios core_from_source
 
InterPlanetary File System (IPFS)
InterPlanetary File System (IPFS)InterPlanetary File System (IPFS)
InterPlanetary File System (IPFS)
 
Open-source Android 10 on Orange Pi: myth or reality?
Open-source Android 10 on Orange Pi: myth or reality?Open-source Android 10 on Orange Pi: myth or reality?
Open-source Android 10 on Orange Pi: myth or reality?
 
Meng
MengMeng
Meng
 
Meng
MengMeng
Meng
 
Hands-on Labs: Raspberry Pi 2 + Windows 10 IoT Core
Hands-on Labs: Raspberry Pi 2 + Windows 10 IoT CoreHands-on Labs: Raspberry Pi 2 + Windows 10 IoT Core
Hands-on Labs: Raspberry Pi 2 + Windows 10 IoT Core
 
Perl on embedded Linux with Buildroot‎
Perl on embedded Linux with Buildroot‎Perl on embedded Linux with Buildroot‎
Perl on embedded Linux with Buildroot‎
 
26.1.7 lab snort and firewall rules
26.1.7 lab snort and firewall rules26.1.7 lab snort and firewall rules
26.1.7 lab snort and firewall rules
 
Readme
ReadmeReadme
Readme
 
Gitops Hands On
Gitops Hands OnGitops Hands On
Gitops Hands On
 

Mehr von Patricia Aas

NDC TechTown 2023_ Return Oriented Programming an introduction.pdf
NDC TechTown 2023_ Return Oriented Programming an introduction.pdfNDC TechTown 2023_ Return Oriented Programming an introduction.pdf
NDC TechTown 2023_ Return Oriented Programming an introduction.pdfPatricia Aas
 
Return Oriented Programming, an introduction
Return Oriented Programming, an introductionReturn Oriented Programming, an introduction
Return Oriented Programming, an introductionPatricia Aas
 
I can't work like this (KDE Academy Keynote 2021)
I can't work like this (KDE Academy Keynote 2021)I can't work like this (KDE Academy Keynote 2021)
I can't work like this (KDE Academy Keynote 2021)Patricia Aas
 
Dependency Management in C++ (NDC TechTown 2021)
Dependency Management in C++ (NDC TechTown 2021)Dependency Management in C++ (NDC TechTown 2021)
Dependency Management in C++ (NDC TechTown 2021)Patricia Aas
 
Introduction to Memory Exploitation (Meeting C++ 2021)
Introduction to Memory Exploitation (Meeting C++ 2021)Introduction to Memory Exploitation (Meeting C++ 2021)
Introduction to Memory Exploitation (Meeting C++ 2021)Patricia Aas
 
Classic Vulnerabilities (MUCplusplus2022).pdf
Classic Vulnerabilities (MUCplusplus2022).pdfClassic Vulnerabilities (MUCplusplus2022).pdf
Classic Vulnerabilities (MUCplusplus2022).pdfPatricia Aas
 
Classic Vulnerabilities (ACCU Keynote 2022)
Classic Vulnerabilities (ACCU Keynote 2022)Classic Vulnerabilities (ACCU Keynote 2022)
Classic Vulnerabilities (ACCU Keynote 2022)Patricia Aas
 
Introduction to Memory Exploitation (CppEurope 2021)
Introduction to Memory Exploitation (CppEurope 2021)Introduction to Memory Exploitation (CppEurope 2021)
Introduction to Memory Exploitation (CppEurope 2021)Patricia Aas
 
Thoughts On Learning A New Programming Language
Thoughts On Learning A New Programming LanguageThoughts On Learning A New Programming Language
Thoughts On Learning A New Programming LanguagePatricia Aas
 
Trying to build an Open Source browser in 2020
Trying to build an Open Source browser in 2020Trying to build an Open Source browser in 2020
Trying to build an Open Source browser in 2020Patricia Aas
 
Trying to build an Open Source browser in 2020
Trying to build an Open Source browser in 2020Trying to build an Open Source browser in 2020
Trying to build an Open Source browser in 2020Patricia Aas
 
DevSecOps for Developers, How To Start (ETC 2020)
DevSecOps for Developers, How To Start (ETC 2020)DevSecOps for Developers, How To Start (ETC 2020)
DevSecOps for Developers, How To Start (ETC 2020)Patricia Aas
 
The Anatomy of an Exploit (NDC TechTown 2019)
The Anatomy of an Exploit (NDC TechTown 2019)The Anatomy of an Exploit (NDC TechTown 2019)
The Anatomy of an Exploit (NDC TechTown 2019)Patricia Aas
 
Elections: Trust and Critical Infrastructure (NDC TechTown 2019)
Elections: Trust and Critical Infrastructure (NDC TechTown 2019)Elections: Trust and Critical Infrastructure (NDC TechTown 2019)
Elections: Trust and Critical Infrastructure (NDC TechTown 2019)Patricia Aas
 
The Anatomy of an Exploit (NDC TechTown 2019))
The Anatomy of an Exploit (NDC TechTown 2019))The Anatomy of an Exploit (NDC TechTown 2019))
The Anatomy of an Exploit (NDC TechTown 2019))Patricia Aas
 
Elections, Trust and Critical Infrastructure (NDC TechTown)
Elections, Trust and Critical Infrastructure (NDC TechTown)Elections, Trust and Critical Infrastructure (NDC TechTown)
Elections, Trust and Critical Infrastructure (NDC TechTown)Patricia Aas
 
Survival Tips for Women in Tech (JavaZone 2019)
Survival Tips for Women in Tech (JavaZone 2019) Survival Tips for Women in Tech (JavaZone 2019)
Survival Tips for Women in Tech (JavaZone 2019) Patricia Aas
 
Embedded Ethics (EuroBSDcon 2019)
Embedded Ethics (EuroBSDcon 2019)Embedded Ethics (EuroBSDcon 2019)
Embedded Ethics (EuroBSDcon 2019)Patricia Aas
 
Keynote: Deconstructing Privilege (C++ on Sea 2019)
Keynote: Deconstructing Privilege (C++ on Sea 2019)Keynote: Deconstructing Privilege (C++ on Sea 2019)
Keynote: Deconstructing Privilege (C++ on Sea 2019)Patricia Aas
 

Mehr von Patricia Aas (20)

NDC TechTown 2023_ Return Oriented Programming an introduction.pdf
NDC TechTown 2023_ Return Oriented Programming an introduction.pdfNDC TechTown 2023_ Return Oriented Programming an introduction.pdf
NDC TechTown 2023_ Return Oriented Programming an introduction.pdf
 
Telling a story
Telling a storyTelling a story
Telling a story
 
Return Oriented Programming, an introduction
Return Oriented Programming, an introductionReturn Oriented Programming, an introduction
Return Oriented Programming, an introduction
 
I can't work like this (KDE Academy Keynote 2021)
I can't work like this (KDE Academy Keynote 2021)I can't work like this (KDE Academy Keynote 2021)
I can't work like this (KDE Academy Keynote 2021)
 
Dependency Management in C++ (NDC TechTown 2021)
Dependency Management in C++ (NDC TechTown 2021)Dependency Management in C++ (NDC TechTown 2021)
Dependency Management in C++ (NDC TechTown 2021)
 
Introduction to Memory Exploitation (Meeting C++ 2021)
Introduction to Memory Exploitation (Meeting C++ 2021)Introduction to Memory Exploitation (Meeting C++ 2021)
Introduction to Memory Exploitation (Meeting C++ 2021)
 
Classic Vulnerabilities (MUCplusplus2022).pdf
Classic Vulnerabilities (MUCplusplus2022).pdfClassic Vulnerabilities (MUCplusplus2022).pdf
Classic Vulnerabilities (MUCplusplus2022).pdf
 
Classic Vulnerabilities (ACCU Keynote 2022)
Classic Vulnerabilities (ACCU Keynote 2022)Classic Vulnerabilities (ACCU Keynote 2022)
Classic Vulnerabilities (ACCU Keynote 2022)
 
Introduction to Memory Exploitation (CppEurope 2021)
Introduction to Memory Exploitation (CppEurope 2021)Introduction to Memory Exploitation (CppEurope 2021)
Introduction to Memory Exploitation (CppEurope 2021)
 
Thoughts On Learning A New Programming Language
Thoughts On Learning A New Programming LanguageThoughts On Learning A New Programming Language
Thoughts On Learning A New Programming Language
 
Trying to build an Open Source browser in 2020
Trying to build an Open Source browser in 2020Trying to build an Open Source browser in 2020
Trying to build an Open Source browser in 2020
 
Trying to build an Open Source browser in 2020
Trying to build an Open Source browser in 2020Trying to build an Open Source browser in 2020
Trying to build an Open Source browser in 2020
 
DevSecOps for Developers, How To Start (ETC 2020)
DevSecOps for Developers, How To Start (ETC 2020)DevSecOps for Developers, How To Start (ETC 2020)
DevSecOps for Developers, How To Start (ETC 2020)
 
The Anatomy of an Exploit (NDC TechTown 2019)
The Anatomy of an Exploit (NDC TechTown 2019)The Anatomy of an Exploit (NDC TechTown 2019)
The Anatomy of an Exploit (NDC TechTown 2019)
 
Elections: Trust and Critical Infrastructure (NDC TechTown 2019)
Elections: Trust and Critical Infrastructure (NDC TechTown 2019)Elections: Trust and Critical Infrastructure (NDC TechTown 2019)
Elections: Trust and Critical Infrastructure (NDC TechTown 2019)
 
The Anatomy of an Exploit (NDC TechTown 2019))
The Anatomy of an Exploit (NDC TechTown 2019))The Anatomy of an Exploit (NDC TechTown 2019))
The Anatomy of an Exploit (NDC TechTown 2019))
 
Elections, Trust and Critical Infrastructure (NDC TechTown)
Elections, Trust and Critical Infrastructure (NDC TechTown)Elections, Trust and Critical Infrastructure (NDC TechTown)
Elections, Trust and Critical Infrastructure (NDC TechTown)
 
Survival Tips for Women in Tech (JavaZone 2019)
Survival Tips for Women in Tech (JavaZone 2019) Survival Tips for Women in Tech (JavaZone 2019)
Survival Tips for Women in Tech (JavaZone 2019)
 
Embedded Ethics (EuroBSDcon 2019)
Embedded Ethics (EuroBSDcon 2019)Embedded Ethics (EuroBSDcon 2019)
Embedded Ethics (EuroBSDcon 2019)
 
Keynote: Deconstructing Privilege (C++ on Sea 2019)
Keynote: Deconstructing Privilege (C++ on Sea 2019)Keynote: Deconstructing Privilege (C++ on Sea 2019)
Keynote: Deconstructing Privilege (C++ on Sea 2019)
 

Kürzlich hochgeladen

Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesBoston Institute of Analytics
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024SynarionITSolutions
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 

Kürzlich hochgeladen (20)

Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 

Linux Security APIs and the Chromium Sandbox (SwedenCpp Meetup 2017)

  • 2. Linux Security and How Web Browser Sandboxes Really Work Patricia Aas SweedenCpp Meetup C++ Stockholm 0x08 2017 @pati_gallardo
  • 3. Patricia Aas Programmer - mainly in C++ and Java Currently : Vivaldi Technologies Previously : Cisco Systems, Knowit, Opera Software Master in Computer Science Twitter : @pati_gallardo
  • 4. One Binary Browser Gpu BrokerZygote Renderer GpuZygote Init Clone/Exec * User/Pid/Net Fork/Exec * * NO_NEW_PRIVS ForkFork Clone
  • 6. Windows of Opportunity Browser Gpu BrokerZygote Renderer GpuZygote Init Clone/Exec * User/Pid/Net Fork/Exec * * NO_NEW_PRIVS ForkFork Clone
  • 7. Namespaces in use CLONE_NEWUSER No privilege is needed to create a USER NS, and in one we can create a PID NS without global privilege. CLONE_NEWPID Same PID number can represent different processes in different PID namespaces. One init (PID 1) process per PID NS CLONE_NEWNET Isolate a process from network @pati_gallardo Zygote + Renderer
  • 8. At Clone : Create NAmespaces Clone flags define the process* created and will create namespaces (NS) for it 1. Test which NS are available 2. Fail if not sufficient 3. Construct the biggest supported and applicable set Emulates fork with longjmp * Also used to create threads @pati_gallardo Zygote + Renderer
  • 9. int flags = CLONE_NEWUSER | CLONE_NEWPID | CLONE_NEWNET; jmp_buf env; if (setjmp(env) == 0) { return CloneAndLongjmpInChild(flags, ptid, ctid, &env); } @pati_gallardo chromium/base/process/launch_posix.cc Code Simplified To Illustrate
  • 10. pid_t CloneAndLongjmpInChild(unsigned long flags, pid_t* ptid, pid_t* ctid, jmp_buf* env) { char stack_buf[PTHREAD_STACK_MIN]; void* stack = stack_buf + sizeof(stack_buf); return clone(&CloneHelper, stack, flags, env, ptid, nullptr, ctid); } @pati_gallardo chromium/base/process/launch_posix.cc Code Simplified To Illustrate
  • 11. int CloneHelper(void* arg) { jmp_buf* env_ptr = reinterpret_cast<jmp_buf*>(arg); longjmp(*env_ptr, 1); // Should not be reached assert(false); return 1; } @pati_gallardo chromium/base/process/launch_posix.cc Code Simplified To Illustrate
  • 13. Shrinking the Sandbox Browser Gpu Broker Seccomp Zygote SYS_ADMIN Renderer Pid capset rlimit Gpu Seccomp Zygote Init User capset chroot Clone/Exec * User/Pid/Net Fork/Exec * * NO_NEW_PRIVS Done post fork ForkFork Clone
  • 14. Seccomp BPF Program Program written in an assembly-like language to filter system-calls. Runs in a simple VM in kernel space. All syscalls will be filtered by this program TSYNC : Once a Seccomp Program is installed it applies to all threads in a process@pati_gallardo Renderer + Gpu + Broker
  • 15. Seccomp : BPF Policies BPF Program defined in a Policy Fundamentally a whitelist, allows a set of syscalls and has custom handling of others. An extended Policy is generally more permissive 1. BaselinePolicy 1.1 GpuProcessPolicy 1.1.1 GpuBrokerProcessPolicy 1.2 RendererProcessPolicy @pati_gallardo Renderer + Gpu + Broker
  • 16. void StartSandboxWithPolicy(sandbox::bpf_dsl::Policy* policy) { SandboxBPF sandbox(policy); assert(sandbox.StartSandbox()); } bool SandboxBPF::StartSandbox() { InstallFilter(); return true; } @pati_gallardo chromium/content/common/sandbox_linux/sandbox_seccomp_bpf_linux.cc chromium/sandbox/linux/seccomp-bpf/sandbox_bpf.cc Code Simplified To Illustrate
  • 17. void SandboxBPF::InstallFilter() { CodeGen::Program program = AssembleFilter(); struct sock_filter bpf[program.size()]; const struct sock_fprog prog = { static_cast<unsigned short>(program.size()), bpf }; memcpy(bpf, &program[0], sizeof(bpf)); assert(prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) == 0); assert(seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_TSYNC, &prog) == 0); } @pati_gallardo chromium/sandbox/linux/seccomp-bpf/sandbox_bpf.cc Code Simplified To Illustrate
  • 18. Chroot : Drop Access to FS - clone(CLONE_FS) a child process - Child chroot(”/proc/self/fdinfo/”) - Child immediately does a chdir(“/”) - Child does _exit(kExitSuccess) You can see this by looking at ls -l /proc/<pid>/root Of the Zygote or any ancestor Credentials::DropFileSystemAccess@pati_gallardo Zygotes + Renderer
  • 19. bool ChrootToSafeEmptyDir() { pid_t pid = -1; char stack_buf[PTHREAD_STACK_MIN]; void* stack = stack_buf + sizeof(stack_buf); int clone_flags = CLONE_FS | LINUX_SIGCHLD; pid = clone(ChrootToSelfFdinfo, stack, clone_flags, nullptr); int status = -1; assert(HANDLE_EINTR(waitpid(pid, &status, 0)) == pid); return WIFEXITED(status) && WEXITSTATUS(status) == kExitSuccess; } @pati_gallardo chromium/sandbox/linux/services/credentials.cc Code Simplified To Illustrate
  • 20. int ChrootToSelfFdinfo(void*) { assert(chroot("/proc/self/fdinfo/") == 0); assert(chdir("/") == 0); _exit(kExitSuccess); } @pati_gallardo chromium/sandbox/linux/services/credentials.cc Code Simplified To Illustrate
  • 21. Trust is Relative Browser Gpu Broker Seccomp Zygote SYS_ADMIN Renderer Pid capset rlimit Gpu Seccomp Zygote Init User capset chroot Clone/Exec * User/Pid/Net Fork/Exec * * NO_NEW_PRIVS Done post fork ForkFork Clone No access to filesystem
  • 23. Sources Michael Kerrisk Book: The Linux Programming Interface Course: Linux Security and Isolation APIs Chromium/Kernel source + Linux Man Pages + lwn.net All Errors Are My Own
  • 24. Linux Security and How Web Browser Sandboxes Really Work Patricia Aas, Vivaldi Technologies @pati_gallardo Photos from pixabay.com
  • 25. Make Everyone Feel Safe To Be Themselves @pati_gallardo
  • 26. Vivaldi Swag Patricia Aas, Vivaldi Technologies @pati_gallardo Photos from pixabay.com