Loading…
28 - 29 August | Amsterdam, Netherlands
View More Details & Registration
Note: The schedule is subject to change.

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Linux Security Summit Europe 2025 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

This schedule is automatically displayed in Central European Summer Time (CEST | UTC+2). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date."
Friday August 29, 2025 10:55 - 11:40 CEST
One of Landlock's main goals is to empower Linux users to sandbox their programs. We've focused on building the foundation of a new unprivileged access control system, including an interface for developers to sandbox programs. While sandboxing tools already leverage Landlock, a well-defined way to describe security policies is still needed.

To address this, we're designing a user-friendly configuration format, marking a significant step toward making Landlock more accessible. This format enables users to describe a set of restrictions enforced on their programs and helps democratize Linux sandboxing. The new configuration format and related library simplify sandbox creation by allowing users to compose modular security policies. Linux distributions can also provide predefined policies that users can customize, reducing the maintenance burden.

In this talk, we’ll explain the design of this new configuration format, available to end users via TOML and to developers via JSON. We'll also demonstrate a new tool that makes Landlock sandboxing straightforward and accessible.
Speakers
avatar for Mickaël Salaün

Mickaël Salaün

Senior Software Engineer, Microsoft
Mickaël Salaün is a kernel developer and open source enthusiast. He is mainly interested in Linux-based operating systems, especially from a security point of view. He has built security sandboxes before hacking into the kernel on a new LSM called Landlock, of which he is now the... Read More →
Friday August 29, 2025 10:55 - 11:40 CEST
G102-103

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Share Modal

Share this link via

Or copy link