Ubuntu security features¶ Overview of security features in Ubuntu¶ Overview of security features Additional Documentation Platform protections¶ Platform protections Devices UEFI Secure Boot Privilege restriction¶ Privilege restriction AppArmor Filesystem Capabilities PR_SET_SECCOMP Seccomp Filtering SELinux SMACK Cryptography¶ Cryptography Cloud PRNG Seed Disable Legacy TLS Password Hashing Process and memory¶ Process and memory protections Default compiler flags File handling protections Address Space Layout Randomisation (ASLR) 0-address protection /dev/mem protection /proc/$pid/maps protection ptrace scope Non-Executable Memory Pointer Obfuscation Heap Protector Kernel protections¶ Kernel protections Block kexec Block module loading Denylist Rare Protocols dmesg restrictions Kernel Address Display Restriction Kernel Address Space Layout Randomisation /dev/kmem disabled Kernel Lockdown Kernel Stack protector Module RO/NX Read-only data sections Storage¶ Storage and filesystem File Encryption Full disk encryption (FDE) Network and firewwalls¶ Network and firewalls Firewall No Open Ports SYN Cookies
