Reduce attack surface or keep compatibility: lessons of sudo-rs and run0 transition plans

Name: Reduce attack surface or keep compatibility: lessons of sudo-rs and run0 transition plans
Start: 2026-01-31T13:35:00
End: 2026-01-31T13:35:00
Location: H.2214

H.2214 | Day 2 | 13:35 - 13:55 | Speakers: Alexander Bokovoy, Alejandro Lopez

Copy link

Copy link

Open in browser

Get involved in the conversation!Join the chat

Notes

Abstract

An ongoing effort to reduce potential attack surface on privileged components of system administration by rewriting them in modern programming languages or introducing new components creates additional problems as well. The system management at scale requires centralization of the access controls, yet most of the new tools do not have such capabilities or don't really concern with such use cases.

In this talk we'd reflect on our experience of supporting large organizations relying on the infrastructure provided by FreeIPA and SSSD.

Attachments

talk slides

Speakers

Alexander Bokovoy

Alejandro Lopez

External Links

Notice: The placeholder video image is licensed under CC BY-SA 4.0. The original image can be found hereChanges made to the image are: Cropped the image to a new ratio, part of the image was cut off.