Security Features in systemd

Speaker: Lennart Poettering

Abstract

The systemd system and service manager is a core component of many major distributions and is being adopted by even more. As a service manager, its primary job is to start and keep track of system services. In this presentation I'll talk about the security-relevant aspects and features of systemd, such as easy ways to lock system services into lightweight sandboxes, how to turn off specific security-sensitive interfaces for services, and how to limit which parts of the file system a service can see and access.

Biography

Lennart Poettering works for Red Hat. He works on Avahi, PulseAudio and systemd.