LinuxCon Japan is the premiere Linux conference in Asia that brings together a unique blend of core developers, administrators, users, community managers and industry experts.
CloudOpen Japan is a conference celebrating and exploring the open source projects, technologies and companies who make up the cloud. It’s built on a belief that open works: for users, for industry and for technology.
Namespace support has been growing in the Linux kernel, so there are now a number of ways that namespaces can be used to help protect Linux systems from exploits. Using namespaces (in particular, the mount, network, PID, and user namespaces) can isolate processes in ways that will prevent some types of vulnerabilities from compromising more of the system. Namespaces can be used as part of a "defense in depth" strategy to avoid the harm (or most of the harm) from exploits of vulnerable user-space applications. This talk will be for Linux developers, particularly "system level" developers. It will assume some knowledge of C and Linux, but not require in-depth knowledge of either. Participants can expect to come away with a good foundation on what namespaces are and can do, along with concrete ideas of how to use namespaces in their projects.