Designing Multi-Process Application Security

Loading Click here to add:
Add to notification list

Browser technology over the past decade has taught us practical lessons about how to increase application security through the use of sandboxes. However, sandboxes seem to necessarily require using multiple processes to limit damage from various software components. You don't want a bug in your image decoder to exploit access your email and contact databases, potentially corrupting or siphoning data to an attacker. This talk will discuss design strategies and implementation details for how to implement multi-process applications for the Linux desktop using GNOME technologies such as DBus, bubblewrap, and Flatpak.