Sandboxing a Linux Application

Sandboxing a Linux Application

16:00 - 17:30 Thursday 7th April 2022 BST


Ever wondered how you can isolate your application from the rest of your Linux system? How to make sure you can safely evaluate code you download from the internet? How docker sets up a new filesystem inside of your running system?

This is the talk for you! We will go through how you can create your own sandbox on Linux using the APIs available to you. This will give you insight into how large projects like chromium and docker uses these APIs to both protect the rest of the system, as well as solve problems.

Martin Ertsås

Martin Ertsås is a software developer working for Cisco Systems in Norway on their Colaboration Video Endpoints.

Martin views himself as a code monkey, enjoying the weird parts of C++, Linux and Security. He enjoys digging through new code to figure out how it works, and spending time improving tools to increase the happiness and workflow of the people he works with.

While not working, Martin loves creating and playing out stories in role playing games, especially Dungeons and Dragons. Or grabbing a tent and running out into the woods with his wife to escape from the fast pace of everyday life.

Your Privacy

By clicking "Accept Non-Essential Cookies" you agree ACCU can store non-essential cookies on your device and disclose information in accordance with our Privacy Policy and Cookie Policy.

Current Setting: Non-Essential Cookies REJECTED

By clicking "Include Third Party Content" you agree ACCU can forward your IP address to third-party sites (such as YouTube) to enhance the information presented on this site, and that third-party sites may store cookies on your device.

Current Setting: Third Party Content EXCLUDED

Settings can be changed at any time from the Cookie Policy page.