Arch Linux's Archinstall 4.2 Fixes Botched Disk Encryption Security
([Arch Linux] 3 Hours Ago
Archinstall 4.2)
- Reference: 0001627219
- News link: https://www.phoronix.com/news/Archinstall-4.2
- Source link:
Archinstall 4.2 is now available as the latest update to this very convenient, text-based Arch Linux OS installer.
Significant with Archinstall 4.2 is a security fix to avoid writing encryption keyfiles as plain text to unencrypted root partitions. There was a mistake in Archinstall until now that if encryptiong partitions like /home but not the root partition, the key files would be written to the unencrypted root in plain text. With Archinstall 4,2 key files are only generated when the root is also encrypted. This security issue was [1]reported back in June 2023 but only now resolved. At least for those using full disk encryption / encrypted root partitions, there isn't any issue.
Archinstall 4.2 also brings a number of bug fixes, defaulting to using the nvidia-open driver package rather than nvidia-open-dkms for mainline kernels, and no longer installing X.Org packages for Wayland-based desktop profiles. Archinstall 4.2 also now allows more granular KDE Plasma configurations to meet user preferences.
More details on all of the changes found in Archinstall 4.2 can be discovered over on [2]GitHub .
[1] https://github.com/archlinux/archinstall/issues/1856
[2] https://github.com/archlinux/archinstall/releases/tag/4.2
Significant with Archinstall 4.2 is a security fix to avoid writing encryption keyfiles as plain text to unencrypted root partitions. There was a mistake in Archinstall until now that if encryptiong partitions like /home but not the root partition, the key files would be written to the unencrypted root in plain text. With Archinstall 4,2 key files are only generated when the root is also encrypted. This security issue was [1]reported back in June 2023 but only now resolved. At least for those using full disk encryption / encrypted root partitions, there isn't any issue.
Archinstall 4.2 also brings a number of bug fixes, defaulting to using the nvidia-open driver package rather than nvidia-open-dkms for mainline kernels, and no longer installing X.Org packages for Wayland-based desktop profiles. Archinstall 4.2 also now allows more granular KDE Plasma configurations to meet user preferences.
More details on all of the changes found in Archinstall 4.2 can be discovered over on [2]GitHub .
[1] https://github.com/archlinux/archinstall/issues/1856
[2] https://github.com/archlinux/archinstall/releases/tag/4.2