Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Security [clear filter]
Saturday, February 23


Petr Lautrbach - openssh in Fedora and RHEL - internal, features, ...

OpenSSH is free version of SSH. This talk will be about

- the architecture of ssh protocol
- openssh features like channel multiplexing and privilege separation
- Fedora and RHEL improvements like SELinux integration, auditing


avatar for Petr Lautrbach

Petr Lautrbach

Software Engineer, Red Hat Czech

Saturday February 23, 2013 9:00am - 9:45am
#Lecture room D1


Simo Sorce - GSSAPI Privilege separation with GSS-Proxy

GSS-Proxy is a new feature developed in collaboration with the Mit Kerberos Project.
It allows to use an new type of plugin called interposer to offload context establishment to a more privileged process without changeing the GSS API.
This allows to use, for example, kerberos credentials in a process without giving direct access to keytabs or credential caches containing the user TGT.
This talk will explain how this is achieved, and what are the applications, advantages and limitations of the current implementation.
Using the GSS-Proxy protocol as a kernel upcall mechanism to handle GSS auth will also be discussed.

avatar for Simo Sorce

Simo Sorce

Senior Principal Software Engineer, Red Hat
I work in the RHEL Crypto Team, I like Security related topics.

Saturday February 23, 2013 9:50am - 10:35am
#Lecture room D1


Martin Preisler, Simon Lukasik - System compliance checks

System compliance checks based on SCAP specifications. What we provide for Desktop and Enterprise systems. Demonstrate the work-flow. Talk about challenges and plans.


Šimon Lukašík

avatar for Martin Preisler

Martin Preisler

Sr. Software Engineer, Red Hat, Inc., Red Hat
Martin Preisler works as a Software Engineer at Red Hat, Inc. He is working in the Security Technologies team, focusing on security compliance using Security Content Automation Protocol. He is the principal author of SCAP Workbench, a frequent contributor to OpenSCAP and SCAP Security... Read More →

Saturday February 23, 2013 10:40am - 11:25am
#Lecture room D1


Dmitri Pal & Simo Sorce - Integrating Linux systems into Active Directory Environment

Integrating Linux into Active Directory environment is a challenging task. There are multiple factors that need to be taken into the account and multiple options to consider. The talk would cover different solutions that can be implemented to integrate Linux systems into the AD environment and discuss factors that affect decision making.

avatar for Dmitri Pal

Dmitri Pal

Director, Software Engineering, Red Hat
Dmitri Pal is a Director of Software Engineering at Red Hat responsible for the security and identity management projects and products in Red Hat Enterprise Linux and Red Hat portfolio. Dmitri has more than 20 years of the security and identity management-related software engineering... Read More →
avatar for Simo Sorce

Simo Sorce

Senior Principal Software Engineer, Red Hat
I work in the RHEL Crypto Team, I like Security related topics.

Saturday February 23, 2013 11:30am - 12:15pm
#Lecture room D1


Stef Walter - Polished Active Directory Integration

Active Directory is widely used in enterprise environments, and Linux has had lots of projects, parts and pieces that could be used with Active Directory.

In Fedora 18 we've integrated those parts into a polished experience. We'll discuss the new features in this talk.

But it's not over, there's more to come. We'll show you how to get involved, and what's on the horizon for further Active Directory integration.

Among other things we'll touch on sssd, realmd, and how they're used in Fedora and RHEL.

avatar for Stef Walter

Stef Walter

Hacker, manager, and CI freak., Red Hat
Stef is an avid open source hacker. He's contributed to over a hundred open source projects, and can be found preaching about continuous integration and working on the Cockpit Linux admin interface. He's a usability freak. Stef lives in Germany, and works at Red Hat.

Saturday February 23, 2013 2:10pm - 2:55pm
Meeting point 1 B411


Daniel J Walsh - Writing SELinux Policy

This lab/workshop will explain how to write SELinux policy.

avatar for Daniel Walsh

Daniel Walsh

Senior Distinguished Engineer, Red Hat
Daniel Walsh has worked in the computer security field for over 30 years. Dan is a Consulting Engineer at Red Hat. He joined Red Hat in August 2001. Dan leads the Red Hat Container Engineering team since August 2013, but has been working on container tec

Saturday February 23, 2013 2:10pm - 3:40pm
Hackfest Lab 1 C525
Sunday, February 24


Steve Grubb - Executable Hardening Measures - How they work and/or don't

This talk will go over all the protection mechanisms that are available to developers and package maintainers. This includes PIE, RELRO, gcc stack protector, and FORTIFY_SOURCE. It will explain what kind of attacks these prevent and how they work. More importantly, this talk will also go over limitations, short comings, and failures of these mechanisms. Some tools and techniques for analysis will be presented. The attendee will leave with a better understanding of how protected any given binary actually is.

avatar for Steven Grubb

Steven Grubb

Security Architect, Red Hat
Steve Grubb is a Senior Principal Engineer whose role in Red Hat Engineering is as a Security Architect with a focus on Security Certifications (such as Common Criteriai, SCAP, and FIPS-140) and configuration Guidance (such as DISA STIG, USGCB, and the CIS RHEL Benchmark). He also... Read More →

Sunday February 24, 2013 9:00am - 9:45am
#Lecture room D1