Mickaël Salaün @l0kod - Twitter Profile

l0kod retweeted

5 days ago

Guillaume Couchard and Erwan Chevalier talk about #Landlock - "Leveraging Landlock telemetry for #Linux #detection engineering" at #x33fcon - #blue - https://t.co/1zjd1Szc1e

x33fcon's tweet photo. Guillaume Couchard and Erwan Chevalier talk about #Landlock - "Leveraging Landlock telemetry for #Linux #detection engineering" at #x33fcon - #blue - https://t.co/1zjd1Szc1e https://t.co/CdETtO0jfu

0

11

5

4

802

l0kod retweeted

MISCmag @MISCRedac

3 months ago

Gros plan sur le #sandboxing applicatif moderne pour #Linux avec #Landlock dans le nouveau MISC. Un article à retrouver dans notre numéro actuellement disponible en kiosque & sur https://t.co/2Ua4eGW1yh (version numérique ou papier avec ports offerts).

MISCRedac's tweet photo. Gros plan sur le #sandboxing applicatif moderne pour #Linux avec #Landlock dans le nouveau MISC.

Un article à retrouver dans notre numéro actuellement disponible en kiosque & sur https://t.co/2Ua4eGW1yh (version numérique ou papier avec ports offerts). https://t.co/K8Ebr2Dons

0

5

3

827

Mickaël Salaün @l0kod

5 months ago

I gave a talk at #FOSDEM about Island: Sandboxing tool powered by #Landlock https://t.co/lfgiivBO4Y

0

11

5

2

539

Mickaël Salaün @l0kod

6 months ago

Just released Island 🏝️, a sandboxing tool powered by #Landlock. It auto‑confines processes according to the caller's context (e.g. CWD) and comes with slick Zsh integration, so you can use your terminal naturally without command prefixes. https://t.co/MH7jKUxo43

0

2

0

153

Who to follow

David Vernet

@byte_lab

Ring 0 Linux kernel hacker at Meta, scheduler-bug-adder, BPF standardization co-chair. If you want to know how it works, break it apart.

l0kod retweeted

8 months ago

LinkPro: new stealthy #Linux rootkit based on eBPF - full analysis 🔍️ Our #CSIRT team discovered and named LinkPro, a new Linux rootkit, during an incident response. It exploits eBPF for evasion and persistence. Here are the four key technical points in the image below. 💡 🔗 Full analysis: https://t.co/pHGxXj6mCv

Synacktiv's tweet photo. LinkPro: new stealthy #Linux rootkit based on eBPF - full analysis 🔍️

Our #CSIRT team discovered and named LinkPro, a new Linux rootkit, during an incident response. It exploits eBPF for evasion and persistence.
Here are the four key technical points in the image below. 💡

🔗 Full analysis: https://t.co/pHGxXj6mCv

0

68

18

26

5K

Mickaël Salaün @l0kod

about 1 year ago

I just published the fifth #Landlock newsletter! 🤓 - new kernel features: IPC scoping and audit logs - kernel fixes - library and talk updates - new doc - new open source Landlock users - RHEL support https://t.co/2GKurcxefm

0

20

11

6

3K

Mickaël Salaün @l0kod

about 1 year ago

Starting with Linux 6.14, we'll be able to securely control script execution thanks to new syscall flags, successors of O_MAYEXEC. This is crucial for code integrity. The next step is to enlighten script interpreters. Let me know if you want to help! https://t.co/DtsWXTjUYn

0

3

2

1

314

l0kod retweeted

Armin @Zoouup

about 1 year ago

🚀Introducing Landrun: a CLI command to sandbox any Linux process using Landlock, no root, no containers, no headaches. Huge thanks to @l0kod (Landlock) and Günther Noack (Go lib) for making this possible! https://t.co/oU7EEhhRZk #Landlock #Linux #Security #Sandbox #Kernel

0

4

8

5

387

Mickaël Salaün @l0kod

over 1 year ago

Slides and patches are now online! https://t.co/wIBHUlIFRa

0

3

1

127

Mickaël Salaün @l0kod

over 1 year ago

I'll give a talk at #FOSDEM: #Sandbox IDs with #Landlock We'll talk about the challenges to identify sandboxed processes in a safe and unprivileged way, and how that could be used to identify #containers. https://t.co/wIBHUlJdGI #FOSDEM2025 #container

1

7

3

0

614

l0kod retweeted

James Morris 👾 @xjamesmorris

over 1 year ago

At @linuxplumbers - @l0kod talking about code integrity for scripts in Linux https://t.co/85tgZ06zW6

1

7

3

2

430

Mickaël Salaün @l0kod

almost 2 years ago

Panel Discussion: Outreachy Linux Kernel Internship Report - Tahera Fahimi et al. at #OSSummit Europe 2024 https://t.co/3MFtGuGsHa

1

0

135

Mickaël Salaün @l0kod

almost 2 years ago

#Landlock now has a logo! I'm at #OSSummit Europe, #LinuxSecuritySummit Europe, and #LinuxPlumbers this week in Vienna. If you're there, Günther, Tahera and I have some stickers to give 🤓 https://t.co/GJz0fPdmxm

4

12

2

1

522

Mickaël Salaün @l0kod

almost 2 years ago

Linux Sandboxing with #Landlock - Mickaël Salaün (@l0kod) at #OSSummit Europe 2024 https://t.co/JENjLznRjf

1

0

126

l0kod retweeted

James Morris 👾 @xjamesmorris

almost 2 years ago

For folks interested in following the Linux Security Summit EU in real-time, the free livestream details may be found here: https://t.co/ZriC11iqOx

0

8

5

0

958

l0kod retweeted

NinjaLab @NinjaLabFr

almost 2 years ago

We are very excited to share our last research work: 𝐄𝐔𝐂𝐋𝐄𝐀𝐊, authored by Thomas Roche. An electromagnetic Side-Channel Vulnerability in the ECDSA implementation of all Infineon security microcontrollers, notably impacting all YubiKey 5 Series. https://t.co/CUqmlUTRh8

12

271

114

90

84K

Mickaël Salaün @l0kod

almost 2 years ago

@unlikelydoorway The goal of this feature is to control execution, not to control access. Linux already has several access control systems but they cannot fully control execution without this new feature.

0

1

0

17

Mickaël Salaün @l0kod

almost 2 years ago

It's been a while since the last one, but here is the fourth #Landlock newsletter: https://t.co/egKOzWMm1X Moar sandboxing! 🥳

0

6

3

0

331

Mickaël Salaün @l0kod

almost 2 years ago

Tahera (@tahifahimi) is working on #Landlock to improve Linux sandbox isolation with scoped abstract unix sockets, signaling, and more. She writes about her @outreachy internship here: https://t.co/dTl4fCOXG5 #outreachy Expect these features to land this summer 🚀

0

8

2

1K

Mickaël Salaün

@l0kod

Who to follow

Last Seen Users on Sotwe

Trends for you

Most Popular Users