| Speaker Name | James Morris |
|
| Organization | ||
| Type | Talk | |
| Slides | Click to download | |
Anatomy of Fedora Kiosk Mode |
||
| Abstract | Recent Fedora releases include Kiosk Mode, a feature which allows anonymous users to safely access a limited desktop session, including a web browser and office applications. This may be useful wherever there's a need to provide public access to computers, including: cafes, airports, conferences, libraries and trade shows. Kiosk Mode combines several advanced security and Linux OS features: - A tight Mandatory Access Control (MAC) security policy is used to limit the actions of anonymous users and protect the system from them. - Linux namespaces are utilized to provide the user with a private view of the file-system. - A customized GNOME desktop managed via Sabayon is freshly loaded for each session. - A PAM module ensures that SELinux is enabled in enforcing mode before authorizing the anonymous session. No configuration is required: if the appropriate package is installed, it Just Works. Kiosk Mode is an example of how bleeding edge security and OS technologies may be applied to meet general user requirements. This talk will detail its design and implementation, and include a demonstration. |
|
| Pre-requisites | Intermediate to advanced knowledge of Linux. | |
| Speaker Profile | James Morris is a Linux kernel developer from Sydney, Australia. He has contributed to several kernel projects, including Netfilter, LSM, and IPsec. He is the author of the kernel Crypto API. Currently, his focus is on SELinux, a flexible framework for composing different security models. He is a kernel maintainer of SELinux, Networking and an emeritus Netfilter core team member. | |
Comments:
No comments on this talk yet.
