Adrian Ratiu
First and foremost a hobbyist taking pleasure in day-to-day use and contributions to open source, Adrian is also a Senior Engineer working on behalf of Collabora on embedded systems and distributions, with a wide range of interests spanning toolchains and programming languages, kernels, security, userspace tools, hardware such as printers (yes, people still use those haha!) and many other topics.
Session
There is a well-known trade-off between security lockdowns and a user's ability to
debug/inspect a system. The Linux kernel is finally fixing an old proc/mem security
bug which illustrates this trade-off nicely. The kernel will provide a mechanism to
restrict proc/mem access (which gives userspace RW access to processes' memory), so
distros need to implement a policy according to their own security needs.
This talk goes into the what, why and how of getting this bug fixed, with some policies
for plugging the long-standing hole for different use-cases, without breaking
debuggers or container supervisors.