Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Explore secure path operations in Unix systems through this 39-minute conference talk that addresses critical security vulnerabilities in container runtimes and privileged system tools. Learn about libpathrs, an open source Rust library designed to safely handle path operations within directory trees controlled by potentially malicious users. Discover how this library leverages modern kernel features like openat2 to provide robust protection against path-based attacks that have plagued Unix programs since their inception. Examine real-world examples through recent runc security vulnerabilities to understand how easily path-based security bugs can be introduced, even in carefully maintained programs. Gain practical insights into implementing holistic protections that can safeguard various system programs beyond just container runtimes, and understand how libpathrs provides safe wrappers for operating on procfs files and other path-related utilities.
