Linux 4.7 Debuts with Improved Security

108

The fourth major new Linux kernel of 2016 is now out with the debut today of Linux 4.7. The Linux 4.7 kernel follows Linux 4.6, which debuted on May 15.

Among the new features that are included in Linux 4.7 is the LoadPin Linux Security Module

“This LSM enforces that kernel-loaded files (modules, firmware, etc) must all come from the same filesystem, with the expectation that such a filesystem is backed by a read-only device such as dm-verity or CDROM,” the LoadPin commit message explains. “This allows systems that have a verified and/or unchangeable filesystem to enforce module and firmware loading restrictions without needing to sign the files individually.”

Read more at Linux Planet