A bespoke, artisanal, hand-crafted SELinux workshop

Joe Kirwin

Having the ability to use mandatory-access-controls instead of discretionary-access-controls is something that every security professional or Linux developer should have at their disposal.

The way to do this in Linux is via Security-Enhanced Linux (SELinux). It’s not like writing code. It’s a specification that in turn is compiled to a CIL (Common-Intermediate Language) that is then utilized by the Kernel to enforce your custom type system, including how these types can interact. Piece of cake, right?

If you want:
- To learn the most straightforward way to set up and refine an SELinux policy
- To know the names of the tools you need to be aware of, and how to use them
- To get help from myself and your peers when you hit a frustration point

Then this workshop is for you.

Attendee Requirements:
- Familiar with Linux/Unix
- Minimum: Has their own laptop with SSH installed
- Better: Virtualbox installed
-Best: Virtualbox and "Vagrant" Installed


Speakers Bio: Joe is an information security professional with interests in cryptography, Linux, anti-malware and authentication scheme design. In 2017 he spoke at both BSides Vancouver and Las Vegas about a bi-directional authentication scheme called Veerless.

Joe is currently a senior security developer at CMD. CMD provides a platform to manage and enforce Linux server security, audit and compliance via a user-space agent.