Highlights
- Rust rewrite of GNU coreutils and sudo-rs
- TPM-backed Full Disk Encryption now considered stable
- More secure services (don’t run as root if not needed, AppArmor profiles)
- AppArmor prompting for snaps is still experimental, unfortunately
Huh. Now you’ve got me thinking. Are snaps redeemable? Are they forkable?
If you have all the AppArmor patches and use a custom snap store, I believe so. There are some inefficiencies with flatpak that are currently ignored. For example, every flatpak app has its own bubblewrap process running, though they are light on resource usage. However, inter-process communication is really inefficient; there’s a lot of context switching. You have the app talking to the dbus proxy and the proxy talks to the real dbus (there might even be a step between the dbus proxy and real dbus).
Meanwhile, for snap, this security stuff is handled by AppArmor security profiles. There’s no need for a dbus proxy.