Q&A: Ubuntu 9.10 security
by Mirko Zorz - Thursday, 5 November 2009.
Kees Cook is the security engineer and Gerry Carr is the head of platform marketing at Canonical. In this interview they discuss the security improvements in Ubuntu 9.10, the security challenges the Ubuntu team faces as well as what the latest version of Ubuntu offers to the developer community.

What are the most notable security features introduced with Ubuntu 9.10?

The widest-reaching change was the introduction of non-executable memory emulation for Ubuntu systems that lack non-exec hardware. Modern CPUs allow regions of memory to be marked as "non-executable", like the stack and heap. This puts a stop to large classes of vulnerability exploits. For systems that do not have it (or do not run in 64bit mode), Ubuntu's kernel now includes a partial form of this, emulated in the kernel by way of memory segment limits.

AppArmor saw several improvements this cycle, and had several more profiles created including ntpd, evince, and libvirt. Additionally, experimental profiles (available for testing) were created for Firefox and Apache. The libvirt integration provides even more isolation for virtual machines running under Ubuntu.

More applications were built as Position-Independent Executables, allowing them to take full advantage of the kernel's Address Space Layout Randomisation. Additionally, the PIE applications have been built with linker flags that reduce the areas within the application that can be subverted by attackers.

Other improvements include the Uncomplicated Firewall being enhanced to add interface and egress filtering, and the kernel now provides a one-way sysctl toggle that can block further module loading.

Since threats evolve quickly, what kind of challenges does this pose to the Ubuntu developer and security teams?

While much of the regular Linux security landscape is understood (e.g. permissions/role separation, firewalls, memory corruption, encryption), many technologies are still relatively young (e.g. virtualisation, cloud computing). Our team's challenges arise from testing these new technologies and looking for design flaws and security bugs.

As with any system, the largest challenge is mitigating design flaws. When a class of security vulnerabilities emerge based on a technological design issue, it can be tricky to find the right solution that does not unduly inhibit usability and then to also backport these changes to earlier stable releases.

Luckily, defenses are evolving quickly too. With more Mandatory Access Control systems being made available (e.g. SELinux, AppArmor, TOMOYO, SMACK), more work being done on capabilities, and better confinement and namespace separation, there will be more tools available to help stop vulnerabilities from getting very far.

Ubuntu has always been praised by the developer community. What does version 9.10 have in store for them?

There are a number of things we have focused at the developer. Quickly is a toolset to allow the opportunistic developer to really easily write apps that will run on Ubuntu. It automates many of the tasks that are required in compiling and testing any program, gives access to a smartly selected, technologies like Glade and Python. Critically it also automates the packaging of apps or Ubuntu which has been a stumbling block to many developers.


Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Feb 4th