16:20 - 17:20 (UTC+02)
Talk (60 min)
Sandboxing a Linux application
Ever wondered how you can isolate your application from the rest of your Linux system? How to make sure you can safely evaluate code you download from the internet? How docker sets up a new filesystem inside of your running system?
This is the talk for you! We will go through how you can create your own sandbox on Linux using the APIs available to you. This will give you insight into how large projects like chromium and docker uses these APIs to both protect the rest of the system, as well as solve problems.