Headlines |
2020-03-17 |
IPFire signing kernel modules |
|
The IPFire team is taking pro-active security measures when it comes to protecting the kernel. One of the approaches IPFire is introducing is kernel code signing to verify that the kernel has not been maliciously altered. "In IPFire 2.25 - Core Update 142, we are now cryptographically signing all kernel modules. That means every time a driver for a network adapter, a filesystem driver or other kernel module is loaded into the kernel, it is checked that this signature matches. The signature is added during compile time of the kernel and after we are done with that, we throw the key away.Nobody needs it any more. Nobody - not even we - have now the ability to change the kernel any more. The only way to change a line of code somewhere is to rebuild and re-ship the whole kernel." Further details are available in the distribution's blog post. |
More headlines from this project
Back to News
|
|
TUXEDO |
TUXEDO Computers - Linux Hardware in a tailor made suite Choose from a wide range of laptops and PCs in various sizes and shapes at TUXEDOComputers.com. Every machine comes pre-installed and ready-to-run with Linux. Full 24 months of warranty and lifetime support included!
Learn more about our full service package and all benefits from buying at TUXEDO.
|
Star Labs |
Star Labs - Laptops built for Linux.
View our range including the highly anticipated StarFighter. Available with coreboot open-source firmware and a choice of Ubuntu, elementary, Manjaro and more. Visit Star Labs for information, to buy and get support.
|
|