Course code: M7D-SECISOL02
Download Linux Security and Isolation APIs course description (PDF)
This course provides a deep understanding of the low-level Linux features (set-UID/set-GID programs, capabilities, namespaces, cgroups, and seccomp) used to implement privileged applications and build container, virtualization, and sandboxing technologies. A mixture of detailed presentations coupled with carefully designed practical exercises provide participants with the knowledge needed to understand, design, develop, and administer such applications. (The course does not cover administering container systems such as Docker and LXC, but by completion of the course participants will have a good understanding of various aspects of the underlying implementation and operation of such systems.)
Parts of this course are also available in smaller pieces:
The System Programming for Linux Containers course contains the same content as the Linux Security and Isolation APIs course, but includes a preparatory day of fundamental system programming concepts.
For a picture of how these courses interrelate, see the course overview.
The course employs a lecture+lab format.
The primary audience comprises designers and programmers building privileged applications, container applications, and sandboxing applications. Systems administrators who are managing such applications are also likely to find the course of benefit.
In order to get the most out of the course, participants should have:
Note: participants are assumed to have knowledge of some fundamental Linux/UNIX system programming concepts including: file descriptors and file I/O system calls; basics of programming with signals; and the system calls that define the lifecycle of a process (fork(), execve(), wait(), exit()). Such knowledge is provided in either of the following courses:
Alternatively, the System Programming for Linux Containers course contains the same content as the Linux Security and Isolation APIs course, but adds a preparatory day of fundamental system programming concepts.
A significant part of the course is spent on practical exercises. The lab sessions also provide participants with the opportunity to obtain one-to-one assistance from the trainer on the course material and exercises.
Course participants receive course books of around 400 pages. The course books include all of the slides and exercises presented in the course.
The course book has been developed by the trainer, and is constantly updated based on ongoing changes in the Linux kernel, as well as practical teaching experience in courses.
In addition to the course book, participants receive a copy of The Linux Programming Interface, in ebook form.
The following samples give some idea of the course content and style of the course materials:
For onsite courses at your location, please email firstname.lastname@example.org regarding availability and pricing.
18-21 October 2022
|Online: UTC+1 timezone (Europe)||14||Registration|
21-24 March 2023
|Online: UTC-4 timezone (Americas)||14||Registration|
25-28 April 2023
|Online: UTC+2 timezone (Europe)||14||Registration|
Online courses in Europe timezones are normally timed around Berlin time, starting at 08:00, 08:30, or 09:00. Online courses in Americas timezones are normally timed around New York time, starting at 09:00 or 10:00. Depending on the length of breaks, classes typically run for 8.5 to 9 hours per day.
For public 4-day online courses, the per-attendee price is €2500 reduced to €2400 when booked (and either paid or a company purchase order is supplied) at least 4 weeks before the start of the course. (In addition, 19% German 19% VAT is charged for participants attending from German locations; 19% German VAT is also applicable for private attendees in any location in the European Union without a VAT ID.)
For public in-person 4-day courses in Munich, GERMANY, the per-attendee price is €2800 + 19% German VAT (MWSt).
The course price for in-person courses includes the cost of lunch and refreshments. Discounts are available for multiple attendees from the same company or organization; please inquire at email@example.com for details.
Michael Kerrisk has a unique set of qualifications and experience that ensure that course participants receive training of a very high standard:
For more information about the trainer, as well as many reasons why you might want to consider choosing man7.org training courses, please see reasons to choose man7.org training,
For further inquiries about the course, please get in contact via one of the following methods:
If you would like to be added to a mailing list to receive notifications of public training courses that are scheduled in the future, send a mail (noting your location) to firstname.lastname@example.org. Likely future locations are Europe and USA West Coast, but other locations may also be possible, especially if they can be scheduled to coincide with an interesting conference.