Fedora 40 Moving Ahead In Beefing Up Its Security

Written by Michael Larabel in Fedora on 4 January 2024 at 03:22 PM EST. Add A Comment
FEDORA
The Fedora Engineering and Steering Committee "FESCo" has signed off on two separate change proposals for further enhancing the system security with the in-development Fedora 40 Linux to be released in April.

FESCo has approved the change to yield linker errors on hitting security issues. The ld.bfd linker will now generate an error if it's supposed to create an executable binary that contains one or more security issues. The security issues include things like a loadable segment with read/write/execute permissions, thread local storage segments with execute permissions, and an executable stack.

Currently such security issues are raised as warnings by the linker which may go unnoticed to the package maintainers. But now in treating them as errors they will need to be fixed up or otherwise overrode in the RPM spec.

The other change approved by FESCo this week is applying systemd security hardening with Fedora 40. Various systemd tunables will now be set to provide various protections and additional restrictions and isolation around systemd services.

Separately and aside from security work items, FESCo also approved this week dropping OpenSSL Compat, 389 Directory Server 3.0.0, and shipping Wget2 as the wget package.

More details on the changes approved this week by FESCo for F40 can be found via the meeting minutes.
Add A Comment
Related News
Btrfs SIG Established For Advancing Btrfs Interests On Fedora
Fedora COSMIC Desktop Spin Proposed For Fedora 42
Fedora 42 Looking To Package Intel SGX Software Stack
Fedora 42 Aims To Enhance The Windows Subsystem For Linux Experience
Fedora Stakeholders Debate Concerns Over "Karma" Term For Their Updates System
Fedora KDE Desktop Spin Promoted To Same Tier As GNOME-Based Fedora Workstation
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
OpenWrt Affected By Security Issue That Could Have Led To Compromised Build Artifacts
Linus Torvalds Comes Out Against "Completely Broken" x86_64 Feature Levels
How AMD Is Taking Standard C/C++ Code To Run Directly On GPUs
Linux EFI Zboot Abandoning "Compression Library Museum", Focusing On Gzip & Zstd
Ptyxis Becomes Ubuntu's Recommended Replacement To GNOME Terminal
COSMIC Alpha 4 Released For System76's Rust-Based Desktop
GNU Shepherd 1.0 Service Manager Released As "Solid Tool" Alternative To systemd
KDE Starts December By Landing A Number Of New Features