Downloadable for a few days in its version 20.04 LTS, the Linux distribution from Canonical reinforces its security functions. It can be used on Windows workstations and servers through Windows Subsystem for Linux.
Canonical, the editor of the Ubuntu Linux distribution, has just delivered version 20.04 LTS which is based on the 5.4 version of the Linux kernel and reinforces the security features. In the process, the version of Ubuntu 20.04 for Windows 10 Subsystem for Linux was also made available on the Microsoft Store. It allows the distribution to be integrated on Windows workstations and servers, using Ubuntu Terminal to run the main utilities, applications and command line tools including bash, ssh, git, apt, etc. This solution is used in particular for cross-platform developments. Note that Ubuntu 20.04 for WSL does not support Windows 10 S.
The Windows Subsystem for Linux allows developers to run a GNU/Linux environment directly on Windows, avoiding the overhead of a virtual machine. (Image credit: Microsoft)
Secure Boot, Fast ID Online, virtio-fs, fs-verity…
Ubuntu 20.04 LTS implements kernel self-protection measures, control flow integrity (CFI), and stack-clash protection. The release also includes Secure Boot to protect against low-level attacks and against rootkits used by APT groups, and limits the proliferation of attacks by isolating key desktop and server applications (such as the MicroK8s package), lists Canonical. The editor also mentions the introduction of Fast ID Online for multi-factor and passwordless authentication. Native support for AMD’s SEV technology has been added to protect Linux VMs and data in use with accelerated memory encryption. Version 20.04 also includes WireGuard, a simplified VPN which will also be added to Ubuntu 18.04 LTS.
Based on version 5.4 of the Linux kernel, the distribution therefore includes virtio-fs, a Fuse-based driver (Filesystem in Userspace) for OS virtualization, which allows a virtualized guest to share a file system with the host. It was already possible with NFS and virtio-9P, but virtio-fs is more efficient. Other 5.4 additions include fs-verity which allows the file system to detect file corruption (like dm-verity, but differently), and dm-clone, for target mapping for copying block devices. The 20.04 LTS version for desktop and server is downloadable from the Ubuntu site and available on the main public clouds.