Linux Security and Isolation APIs Training

Course code: M7D-SECISOL01

PDF icon Download course information as a PDF document

Summary

This course provides a deep understanding of the low-level Linux features (set-UID/set-GID programs, capabilities, namespaces, cgroups, and seccomp) used to implement privileged applications and build container, virtualization, and sandboxing technologies. A mixture of detailed presentations coupled with carefully designed practical exercises provide participants with the knowledge needed to understand, design, develop, and administer such applications. (The course does not cover administering container systems such as Docker and LXC, but by completion of the course participants will have a good understanding of various aspects of the underlying implementation and operation of such systems.)

Overview

Audience and prerequisites

The primary audience comprises designers and programmers building privileged applications, container applications, and sandboxing applications. Systems administrators who are managing such applications are also likely to find the course of benefit.

In order to get the most out of the course, participants should have:

Note: knowledge of some fundamental Linux/UNIX system programming concepts (fork(), execve(), waitpid(), basics of programming with signals, the /proc filesystem) would be helpful. The essential details of those topics will be briefly covered at the start of the course.

Course format

The course employs a lecture+lab format.

Lab sessions

A significant part of the course is spent on practical exercises. The lab sessions also provide participants with the opportunity to obtain one-to-one assistance from the trainer on the course material and exercises.

Course materials

Course participants will receive a course book of around 300 pages that includes all of the slides and exercises presented in the course.

The course book has been developed by the trainer, and is constantly updated based on ongoing changes in the Linux kernel, as well as practical teaching experience in courses. The course book is printed on demand for each course, in order to ensure that it is completely up to date with current Linux developments.

In addition to the course book, participants will receive a copy of The Linux Programming Interface, in ebook form.

Sample materials

The following samples give some idea of the course content and style of the course materials:

Course outline

Look here.

About the trainer

Michael Kerrisk has a unique set of qualifications and experience that ensure that course participants receive training of a very high standard: Michael Kerrisk

For more information about the trainer, as well as many reasons why you might want to consider choosing man7.org training courses, please look here.

Past customers

Michael Kerrisk has delivered week-long courses in various countries, including the USA, Australia, Germany, England, France, Holland, Norway, and Switzerland. Past customers include Google, IBM, BMW, Cisco Systems, Hewlett-Packard, Container Solutions, the French and British governments, and the city of Munich.

Prices

Public courses in Munich

For public 3-day courses in Munich, GERMANY, the per-person price is €1600 + VAT (MWSt). The price includes the cost of training materials as well as lunch and refreshments. Discounts are available for multiple attendees from the same company or organization; please inquire at training@man7.org for details.

Onsite courses

For tailored onsite courses at your location, email training@man7.org regarding availability and rates.

Upcoming courses

Date Location Maximum participants
17-19 July 2017 Munich, Germany 10 Registration

Contact

For further inquiries about the course, please contact us via one of the following methods:

Mailing list

If you would like to be added to a mailing list to receive notifications of public training courses that are scheduled in the future, send a mail (noting your location) to training@man7.org. Likely future locations are Europe and USA West Coast, but other locations may also be possible, especially if they can be scheduled to coincide with an interesting conference.