Security in Fedora Linux

Security Features

Fedora is the thought and action leader in many of the latest Linux security initiatives. The following security features were developed by Fedora engineers. In line with Fedora policy, these security features have been pushed upstream and are available to all Linux distributions that choose to take advantage of them.

For a detailed table of which features are in particular Fedora versions, refer to Security Features Matrix. An ancient version of this table is at http://www.awe.com/mark/blog/200801070918.html.

For Red Hat security information, refer to http://www.redhat.com/security/

Security HOWTO

For guidance on basic security, see SecurityBasics.

Firewall by default

Fedora provides a default firewall that can limit both incoming and outgoing connections, and Fedora 8 and above include a very user-friendly system-config-firewall utility.

Easy and Painless Administration: PolicyKit

Following all the other security enhancements comes PolicyKit. PolicyKit is a new toolkit from Fedora developers for controlling privileges of system-wide services. Instead of elevating privileges wholesale to the entire program when needed, PolicyKit enables very fine grained isolation of higher privileges to small services or non-graphical utilities. This functionality is accessed by programs through a D-Bus interface in coordination with HAL, allowing administrators to control how users perform certain tasks, and which tasks they are allowed to perform. Support for PolicyKit will be added to administrative tasks and tools throughout the distribution in an incremental fashion.

SELinux

Fedora is the first mainstream operating system to provide MAC (Mandatory Access Control) based security using SELinux enabled by default. SELinux was developed in partnership with the NSA (National Security Agency), a US-based government security organisation, and Red Hat, with developers from projects such as Gentoo and Debian. Security Enhanced Linux protects users and processes by watching all actions on the system, from opening a file to using a socket. Users may write their own SELinux security policies according to their risk tolerance. By default, Fedora runs a targeted security policy that protects network daemons that have a higher chance of being attacked. If compromised, these programs are extremely limited in the damage they can do, even if the root account is cracked.

For example, Apache is protected in four different ways. The executable for Apache, httpd, is protected at compile time by PIE and Exec-Shield. The executable binary file on the system is protected by ELF hardening. Finally, SELinux policies are in place so that if httpd is cracked, it can only append to the Apache logs and mangle content in specific directories; it cannot roam around home directories or otherwise interact with the rest of the system.


Fedora 8 and above offer Kiosk functionality via SELinux, among many new enhancements and security policy changes. Improvements from the strict policy have been merged into a single targeted policy package, and a separate strict policy is no longer available in Fedora.

Full Disk and File Level Encryption

Full disk encryption can be conveniently selected during installation and provides improved security in cases of unauthorized hardware access or device theft. See Disk Encryption User Guide for more details.

Various transparent and non-transparent file level encryption methods are supported; see Disk and File Encryption.

Virtualization and Sandboxing

Fedora provides support for many virtualization techniques and sandboxing which can be used to improve security. Additional security restrictions (sVirt) are enforced by SELinux for the virtualized machines.

  • Virtualization allows running isolated virtual machines.
  • Sandboxing allows effective isolation of one or more processes without the overhead of emulating a complete virtual machine with its own operating system.

Exec-Shield

Modern processors support a feature called NX which allows a system to control the execution of various portions of memory. Data memory is flagged as non-executable and program memory is flagged as non-writable. This helps prevent certain types of buffer overflow exploits from working as expected.

Since not all processors support the NX feature, attempts have been made to support this feature via segment limits. A segment limit will prevent certain portions of memory from being executed. This provides very similar functionality to NX technology.

PIE is an Exec-Shield technology that allows a programmer to make the executable load at a different memory address each time it starts. Attackers cannot predict where the application will start, making it very hard to exploit. As of Fedora 23, packages in Fedora are compiled as PIE by default across all architectures, with a few exceptions that are still being worked on.

Compile Time Buffer Checks (FORTIFY_SOURCE)

The GCC compiler and the glibc C library from Fedora Core 4 onwards have gained a feature called "FORTIFY_SOURCE" that detects and prevents a subset of buffer overflows before they can do damage. The idea behind FORTIFY_SOURCE is relatively simple: there are cases where the compiler can know the size of a buffer (if it's a fixed-size buffer on the stack, as in the example, or if the buffer just came from a malloc() function call). With a known buffer size, functions that operate on the buffer can make sure the buffer will not overflow. FORTIFY_SOURCE in Fedora 8 has been enhanced to cover C++ in addition to C, which prevents many security exploits.


ELF (Executable and Linkable Format) Data Hardening

These are changes to the file components that protect the structure of the file itself.

Restricted Kernel Memory Access

Fedora restricts how the kernel memory (/dev/mem) can be overwritten. This prevents several rootkits from functioning, resulting in a safer and more secure system.

Stack Smash Protection, Buffer Overflow Detection, and Variable Reordering

All of the software in the Fedora Package Collection is compiled using a security feature called fstack-protector. fstack-protector puts a canary value on the stack of key functions, just before the return address. Just before the function returns, that canary value is verified. If there was a buffer overflow, the canary no longer matches and the program aborts. The canary value is random each time the application is started, which makes it impossible to guess remotely. This is a security feature that has been backported from GCC 4.1 to the version of the GCC compiler used in Fedora Core 5 test1. This feature has been written by Red Hat developers and provides similar functionality to the IBM propolice/ssp patches.

Secure remote management for Xen, KVM, and QEMU virtualization

The libvirt Xen and KVM management API in Fedora 8 and above can be securely used from a remote host, using SSL/TLS encryption and x509 certificates for client authentication. The VNC server for Xen and KVM supports the VeNCrypt protocol extension, encrypting the entire guest console session with SSL/TLS and x509 certificates.

The virt-manager application can take advantage of these improvements to allow secure remote management of multiple servers. As an alternative to SSL, virt-manager can also tunnel both libvirt and VNC over SSH. Further details can be found on the virt-manager wiki.

Glibc Enhancements

The glibc package in Fedora 8 and above has support for passwords using SHA256 and SHA512 hashing. Previously, only DES and MD5 were available. The tools to create passwords have not been extended yet, but if such passwords are created in other ways, glibc will recognize and honor them.

Copyright © 2023 Red Hat, Inc. and others. All Rights Reserved. For comments or queries, please contact us.

The Fedora Project is maintained and driven by the community and sponsored by Red Hat. This is a community maintained site. Red Hat is not responsible for content.

  • This page was last edited on 31 December 2022, at 01:26.
  • Content is available under Attribution-Share Alike 4.0 International unless otherwise noted.


Fedora keeps you safe


Once you have downloaded an image, be sure to verify it for both security and integrity.

By calculating the image's checksum on your own computer and comparing it to the original checksum, you can verify the image has not been tampered with or corrupted. Images are also GPG-signed with Fedora keys to demonstrate their integrity.

Click the verify button to get instructions tailored to the file you are downloading.

Verify with CHECKSUM files

If your download comes with a CHECKSUM file, follow these easy steps to verify your image for both security and integrity.

curl -O https://fedoraproject.org/fedora.gpg
gpg --with-fingerprint --show-keys --keyid-format long fedora.gpg
gpgv --keyring ./fedora.gpg *-CHECKSUM

If the output states that the file is valid, then it’s ready to use!
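The gpgv step above only proves that the CHECKSUM file is genuine; the image still has to be hashed locally and compared with the signed value, as described earlier. The following is an added example, not taken from the Fedora page: the function names are hypothetical, and the `SHA256 (name) = hex` line layout of the CHECKSUM file is an assumption.

```shell
#!/bin/sh
# Added example: compare one downloaded image with its entry in a CHECKSUM file.
# Assumed entry layout (one per image):  SHA256 (image-name.iso) = <64 hex digits>
# Image names are assumed to contain no spaces.

# expected_hash CHECKSUM_FILE IMAGE_NAME
# Prints the recorded hash; exit status 1 if the image is not listed.
# Exact string comparison is used, so "." in a name is not a regex wildcard.
expected_hash() {
    awk -v name="$2" '
        $1 == "SHA256" && $2 == ("(" name ")") && $3 == "=" {
            print tolower($4); found = 1; exit
        }
        END { exit !found }
    ' "$1"
}

# verify_image CHECKSUM_FILE IMAGE_PATH
# Returns 0 on match, 1 on mismatch, 2 if unreadable or not listed.
verify_image() {
    checksum_file=$1
    image=$2
    [ -r "$checksum_file" ] && [ -r "$image" ] || return 2
    want=$(expected_hash "$checksum_file" "$(basename "$image")") || return 2
    # Hash from stdin so the output never contains the file name.
    got=$(sha256sum < "$image" | cut -d' ' -f1)
    [ -n "$want" ] && [ "$got" = "$want" ]
}

# verify_download KEYRING CHECKSUM_FILE IMAGE_PATH
# Signature first (the gpgv command from the page), then the hash comparison.
# Returns 3 if the signature on the CHECKSUM file is not accepted.
verify_download() {
    gpgv --keyring "$1" "$2" || return 3
    verify_image "$2" "$3"
}

# Usage: sh verify.sh ./fedora.gpg <name>-CHECKSUM <image>.iso
if [ "$#" -eq 3 ]; then
    verify_download "$@"
fi
```

An image that is missing from the CHECKSUM file is reported separately (status 2) rather than treated as verified, so a renamed or substituted file cannot pass silently.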

Package signing keys

Learn how Fedora uses package signing to help protect you.

Each stable RPM package published by the Fedora Project is signed with a GPG signature. By default, dnf and the graphical update tools will verify these signatures and refuse to install any packages that are not signed or have bad signatures. You should always verify the signature of a package before you install it. These signatures ensure that the packages you install are what was produced by the Fedora Project and have not been altered (accidentally or maliciously) by any mirror or website that is providing the packages.

Current GPG keys

Fedora Rawhide

id: rsa4096/18B8E74C 2022-08-09

Fingerprint: E8F2 3996 F232 1864 0CB4 4CBE 75CF 5AC4 18B8 E74C

DNS OpenPGPKey: 48cb71516f035e33db6249d81d145d8b9198da654fbfbcf16c06104d._openpgpkey.fedoraproject.org

Fedora 38

id: rsa4096/EB10B464 2022-02-08

Fingerprint: 6A51 BBAB BA3D 5467 B617 1221 809A 8D7C EB10 B464

DNS OpenPGPKey: 490cba59bda7a7f15781835ffff717f123dd00297312f7a03b74b9a7._openpgpkey.fedoraproject.org

Fedora 37

id: rsa4096/5323552A 2021-08-10

Fingerprint: ACB5 EE4E 831C 74BB 7C16 8D27 F55A D3FB 5323 552A

DNS OpenPGPKey: 5dde64bce74cf052cba5361957e81b0fe47a044c63d2a7315cdac7cd._openpgpkey.fedoraproject.org

Fedora 36

id: rsa4096/38AB71F4 2021-02-10

Fingerprint: 53DE D2CB 922D 8B8D 9E63 FD18 999F 7CBF 38AB 71F4

DNS OpenPGPKey: 6e5f831105b72f261abfc06974c08b4ed718c650447d0b309b8658dd._openpgpkey.fedoraproject.org

Fedora 35

id: rsa4096/9867C58F 2021-02-04

Fingerprint: 787E A6AE 1147 EEE5 6C40 B30C DB46 3971 9867 C58F

DNS OpenPGPKey: e27f1efe21ae589b7796e61af3ac4a4c1c2428615daca70d8f1c9e96._openpgpkey.fedoraproject.org

Fedora 34

id: rsa4096/45719A39 2020-08-06

Fingerprint: 8C5B A699 0BDB 26E1 9F2A 1A80 1161 AE69 4571 9A39

DNS OpenPGPKey: 32ad6615edafd4beed53d0bd1ce26a32c38ef7192197ce96507ba1f1._openpgpkey.fedoraproject.org

Fedora 33

id: rsa4096/9570FF31 2020-01-28

Fingerprint: 963A 2BEB 0200 9608 FE67 EA42 49FD 7749 9570 FF31

DNS OpenPGPKey: c57a03fcb0ce3e355f68629319df46b263c794e6fe17aed3b112d19c._openpgpkey.fedoraproject.org

Fedora IOT

id: rsa4096/DBBDCF7C 2018-11-13

Fingerprint: C2A3 FA9D C67F 68B9 8BB5 43F4 7BB9 0722 DBBD CF7C

DNS OpenPGPKey: 8b6135462c1d8c1a927b1a9eb1f47c2c1cde3429ae60ccd630d057ac._openpgpkey.fedoraproject.org

EPEL 9

id: rsa4096/3228467C 2021-09-07

Fingerprint: FF8A D134 4597 106E CE81 3B91 8A38 72BF 3228 467C

DNS OpenPGPKey: 1a355c3f6ac5389917041321fdddee2c0ffc4a38f78adec159a015ec._openpgpkey.fedoraproject.org

EPEL 8

id: rsa4096/2F86D6A1 2019-06-05

Fingerprint: 94E2 79EB 8D8F 25B2 1810 ADF1 21EA 45AB 2F86 D6A1

DNS OpenPGPKey: 1a355c3f6ac5389917041321fdddee2c0ffc4a38f78adec159a015ec._openpgpkey.fedoraproject.org

EPEL 7

id: rsa4096/352C64E5 2013-12-16

Fingerprint: 91E9 7D7C 4A5E 96F1 7F3E 888F 6A2F AEA2 352C 64E5

DNS OpenPGPKey: 1a355c3f6ac5389917041321fdddee2c0ffc4a38f78adec159a015ec._openpgpkey.fedoraproject.org
