Landlock: unprivileged access control

The goal of Landlock is to enable to restrict ambient rights (e.g. global filesystem access) for a set of processes. Because Landlock is a stackable LSM, it makes possible to create safe security sandboxes as new security layers in addition to the existing system-wide access-controls. This kind of sandbox is expected to help mitigate the security impact of bugs or unexpected/malicious behaviors in user-space applications. Landlock empower any process, including unprivileged ones, to securely restrict themselves.

[PATCH v19] – Landlock LSM

LKMLcodesandbox manager exampleptrace testsdocumentation

[PATCH v18] – Landlock LSM

LKMLcodesandbox manager exampleptrace testsdocumentation

[PATCH v17] – Landlock LSM

LKMLcodesandbox manager exampleptrace testsdocumentation

[PATCH v16] – Landlock LSM

LKMLcodesandbox manager exampleptrace testsdocumentation

[PATCH v15] – Landlock LSM

LKMLcodesandbox manager exampleptrace testsdocumentation

[PATCH v14] – Landlock LSM

LKMLcodesandbox manager exampleptrace testsdocumentation

[PATCH v13] – Landlock LSM

LKMLcodeptrace testsdocumentation

[PATCH v12] – Landlock LSM

LKMLcodeptrace testsdocumentation

[PATCH v11] – Landlock LSM

LKMLcodeptrace testsdocumentation

Summary 2019 – Landlock: a new kind of Linux Security Module leveraging eBPF

Slides

[PATCH v10] – Landlock LSM: toward unprivileged sandboxing

LKMLcodeprogram exampledocumentation

[PATCH v9] – Landlock LSM: toward unprivileged sandboxing

LKMLcodeprogram exampledocumentation

Linux Security Summit 2018 – How to safely restrict access to files in a programmatic way with Landlock?

AbstractSlidesDemo video #1 (web server)Demo video #2 (dynamic map update)Demo code

Pass the SALT 2018 – Internals of Landlock: a new kind of Linux Security Module leveraging eBPF

Abstract and videoSlidesDemo video #1 (web server)Demo video #2 (dynamic map update)Demo code

[PATCH v8] – Landlock LSM: toward unprivileged sandboxing

LKMLcodeprogram exampledocumentation

FOSDEM 2018 – File access-control per container with Landlock

Abstract and videoSlidesDemo videoDemo code

Linux Security Summit 2017 – Landlock LSM: toward unprivileged sandboxing

SlidesDemo #1Demo #2

[PATCH v7] – Landlock LSM: toward unprivileged sandboxing

LKMLcoderule exampledocumentation