Djalal Harouni
  • Modernization of Linux proc filesystem and containers security

    30 Nov 2017, 00:00 · 2 min read · opensource linux kernel containers security

    TL;DR: The Linux kernel procfs suffers from a historical design that prevents having multiple separate procfs instances inside the same PID namespace. All the mounts are a mirror of the internal one. This blocks development of Linux containers, sandboxes, and other security-related features. Patch solution: PATCH RFC …


  • systemd Sandbox or systemd Lightweight Containers

    15 Oct 2017, 00:00 · 4 min read · opensource linux systemd containers security

    Sandboxing IoT apps using lightweight containers is an important step for Linux-based IoT devices: it reduces exposure to misconfiguration, bugs, or vulnerability exploitation. As a simple example, BrickerBot and similar worms did not use complex 0-day exploits. They used simple attack vectors like …



Djalal Harouni

Open Source Software Hacker / Cloud / Linux kernel / BPF / systemd from DZ.