Room 3

16:20 - 17:20 (UTC+02)

Talk (60 min)

Sandboxing a Linux application

Ever wondered how you can isolate your application from the rest of your Linux system? How to make sure you can safely evaluate code you download from the internet? How docker sets up a new filesystem inside of your running system?


This is the talk for you! We will go through how you can create your own sandbox on Linux using the APIs available to you. This will give you insight into how large projects like chromium and docker uses these APIs to both protect the rest of the system, as well as solve problems.

Martin Ertsås

Martin Ertsås is a software developer working for Cisco Systems in Norway on their Telepresence Hardware Endpoints. His main interests are C++, Linux, Security, Embedded Systems, and Developer Happiness. Martin enjoys digging through new code to unravel how it works or spending time improving a tool or process to increase the happiness and productivity of those around him.