Project MySelfa project by cschum The goal of Project MySelf is to build a system to collect data about yourself in a safe and private way, so that you control your data and you can decide what happens with it. 
|
updating rpms in docker containersa project by jordimassaguerpla The docker way of updating containers is to build a new image with the updated binaries and files, which creates a security concern. 
|
zypper-docker with multiple backends and an APIa project by mssola During the last CSM workshop I started to refactor zypper-docker in a way that: 
|
|
Do something useful with the TPMan idea by mwilck Almost all our laptops, and many servers, feature a TPM today. The TPM doesn't have the best reputation in the community because it could be used to lock down platforms or do nasty things with DRM. Under normal conditions on PCs, the TPM is controlled by the system owner and could actually be useful for almost anything involving crypto. Unfortunately the integration of the TPM in the OS is essentially non-existent. The introduction of the TPM2.0 standard complicates matters, because we now have two different devices with different APIs. |
Analyze the security of Linux HTTPS connections and monitor the traffic of "smart" devicesan invention by thardeck I have Raspberry Pi with WLAN and an additional network module which can be run as a WIFI access point. 
|
Securing a CMS by using a hidden CMS and exporting static html to a web servera project by johannes_p Small non profit organisations or activist groups need a Web presence that is easy to maintain by several authors. When using a CMS they do not have the resources to secure the CMS from the various possible attacs most CMSes are notorious for. Defacement or placing malicious content can damage the reputation of such non profit organisations. 
|
Generate CVRFan invention by msmeissn CVRF is a standard where security advisories are encoded in a XML format. 
|
Improve supplychain security in the build servicean idea by kbabioch In the past I've worked on a set of scripts to identify potential for improvement of the supply chain within our build service. For now RPM files can be scanned for unused signature files that are available upstream and look for potentially unused |
Improving the Security of OpenPGP USB Token with a Secure Chipa project by biergaizi OpenPGP Card is an ISO/IEC 7816-4 compatible smartcard that is integrated with many OpenPGP functions, including signature, encryption, and authentication. It provides an trustful computing environment isolated from the host computer, to guard one's private keys from attacks and exposures. ZetiControl in Germany is the first manufacturer of OpenPGP Card based on BasicCard platform. Since then, compatible USB tokens have also been manufactured, such as Yubikey and Nitrokey. 
|
libpathrsa project by cyphar The plan is to implement a safe path resolution library for Linux to avoid the plentiful numbers of security vulnerabilities that have been seen in the wild related to path resolution race conditions and various other attacks. I've been working on kernel-space solutions but even if they were merged, it is difficult to use them safely directly. So this library intends to provide simple wrappers that everyone can use. 
|
Kanidm: A safe and modern IDM systeman invention by firstyear This hackweek I'll be working on Kanidm, an IDM system written in Rust for modern systems authentication. The github repo has a detailed "getting started" on the readme. 
|
|
Dawnscanner: revive the project and create an RPM packagea project by pperego 
|
|
FIDO2 emulationa project by mkoutny 
|
Learn more about Application Security (AppSec) Open Source Tools and Testing Techniquesan idea by heidi.bronson |
Project Verifree : internal key server(s)a project by mcaj Project description
|
Poking technologies for enrolling customer key to kernel trusted keyringa project by joeyli 
|
Model checking the BPF verifiera project by shunghsiyu Project Description
|
rust security reviews and cargo-creva project by jzerebecki
|
Explore Crev as collaborative code audita project by pperego Project Description
|
Rancher Token Revokeran invention by mbolot 
|
Run sandboxed Firefox with image and sound inside a containeran invention by nguyens 
|
Sandboxed USB Inspectionan invention by nguyens 
|
Create tool for managing RPM package signing keysan invention by dheidler 
|
Predefined app security policy template for NeuVectoran idea by feih Project Description |
Port NeuVector zero-trust security functions to host/VMan idea by feih Project Description |
Kanidm: A safe and modern IDM systeman idea by firstyear Kanidm is an IDM system written in Rust for modern systems authentication. The github repo has a detailed "getting started" on the readme. |
CVE portal for SUSE Rancher productsa project by gmacedo Description
|
Contributing to Linux Kernel securityan idea by pperego Description |
VulnHeapa project by r1chard-lyu DescriptionThe VulnHeap project is dedicated to the in-depth analysis and exploitation of vulnerabilities within heap memory management. It focuses on understanding the intricate workflow of heap allocation, chunk structures, and bin management, which are essential to identifying and mitigating security risks. 
|
OIDC Loginproxya project by toe DescriptionReverse proxies can be a useful option to separate authentication logic from application logic. SUSE and openSUSE use "loginproxies" as an authentication layer in front of several services. 
|
Migrate from Docker to Podmanan invention by tjyrinki_suse Description
|
Diving into Qubes OS
Kanidm - A modern opensource IDM
Kanidm - Modern Opensource Identity Management