Загрузка страницы
Все видеоНовые видеоПопулярные видеоКатегории видео

Gerlof Langeveld - Practical use of Linux capabilities (Full Talk) , at the ORNL CentOS Dojo

Talk Overview : In conventional UNIX systems, processes running under a 'normal' user identity had no specific privileges whatsoever while processes running under the root identity had all special privileges, like the ability to reboot the system, to kill any process, to open raw sockets, etcetera. The capability mechanism implemented by the Linux kernel enables a process to get only a limited set of these privileges, just enough to do the special tasks that this process is supposed to do. Nowadays capabilities are used by systemd to provide specific privileges to services and by Docker to provide specific privileges to the process that is running in a container. Furthermore, capabilities are used as an alternative for setuid executables that enable normal users to run a specific program (like ping) under the root identity. In this presentation I will explain how the capability mechanism works and how systemd, containers and executable files are related to this feature.
From the CentOS Dojo at ORNL - https://wiki.centos.org/Events/Dojo/ORNL2019

Видео Gerlof Langeveld - Practical use of Linux capabilities (Full Talk) , at the ORNL CentOS Dojo канала TheCentOSProject
Показать
Комментарии отсутствуют
Введите заголовок:

Введите адрес ссылки:

Введите адрес видео с YouTube:

Зарегистрируйтесь или войдите с
Информация о видео
14 мая 2019 г. 11:17:44
00:46:19
TheCentOSProject
Правообладателям
Жалоба
Комментарии
Другие видео канала
Gerlof Langeveld - Practical use of Linux capabilitiesGerlof Langeveld - Practical use of Linux capabilitiesWhat is RPA (Robotic Process Automation)?What is RPA (Robotic Process Automation)?6. Capabilities6. Capabilities"Large Pages in Linux" - Matthew Wilcox (LCA 2020)"Large Pages in Linux" - Matthew Wilcox (LCA 2020)Linux Privilege Escalation : CAPABILITIESLinux Privilege Escalation : CAPABILITIESLinux Internals: Virtual File System (VFS)Linux Internals: Virtual File System (VFS)How Docker Works - Intro to NamespacesHow Docker Works - Intro to NamespacesOverview and Recent Developments: Namespaces and Capabilities - Christian Brauner, Canonical Ltd.Overview and Recent Developments: Namespaces and Capabilities - Christian Brauner, Canonical Ltd.Linux Performance Tools, Brendan Gregg, part 1 of 2Linux Performance Tools, Brendan Gregg, part 1 of 2how DNS works!how DNS works!Security-Enhanced Linux for mere mortalsSecurity-Enhanced Linux for mere mortalsWhat is a kernel - Gary explainsWhat is a kernel - Gary explainsThe Difference Between Robotic Process Automation, Machine Learning, and Artificial IntelligenceThe Difference Between Robotic Process Automation, Machine Learning, and Artificial IntelligenceContainers unplugged: Linux namespaces - Michael KerriskContainers unplugged: Linux namespaces - Michael KerriskSteven Rostedt - Learning the Linux Kernel with tracingSteven Rostedt - Learning the Linux Kernel with tracingUnderstanding the Linux Boot Process - CompTIA Linux+, LPIC-1Understanding the Linux Boot Process - CompTIA Linux+, LPIC-1History of Gnu, Linux, Free and Open Source Software (Revolution OS)History of Gnu, Linux, Free and Open Source Software (Revolution OS)SELinux (Security Enhanced Linux) Full course. RHCSA, LFCS, CompTIA Linux+ full domain coverage.SELinux (Security Enhanced Linux) Full course. RHCSA, LFCS, CompTIA Linux+ full domain coverage.Linux CapabilitiesLinux Capabilitiescollectd in dynamic environmentscollectd in dynamic environments
Статистика портала
Яндекс.Метрика
© 2008-2024 «Информационно-развлекательный портал города Верхняя Салда»
| Карта портала | Реклама | Контакты | Сообщить об ошибке | Соглашения
salda.ws salda.ws@mail.ru
Сейчас на сайте: 512 Статистика портала