Karl MacMillan wrote:

>> SELinux is big, slow, and complicated. Not everyone likes that. QED :)
>>
> Not to take this comment too seriously, but are you referring to the security
> server currently provided by SELinux which implements TE or the general framework
> provided by SELinux (FLASK)? It doesn't seem like you are making that
> distinction in your comments.
>

I have not done the detailed measurements to distinguish between the FLASK layer and the TE layer. Most of the available information on SELinux does not make such a distinction.

The "big" comment is the size of the module and the size of the set of associated utilities.

The "slow" comment is from SELinux's self-claimed overhead of 6-15% (Immunix measures at 0-2%) as well as other anecdotal stories about poor performance.

The "complicated" remark comes from both the widespread reputation that SELinux is very hard to use as well as direct comparisons that we have done of trying to perform equivalent security tasks with SELinux and Immunix.

Caveat: this "equivalent task" is to create a per-application policy, what Red Hat calls the "targeted policy". Immunix was designed from the outset to enforce a security model very similar to the targeted policy, while SELinux is being pressed into service to do that. Conversely, Immunix AppArmor was not designed to enforce anything like the SELinux "strict policy", and making it do that would produce usability problems, at the least.

All of which supports my point that there is more than one security model that different users may want. LSM lets users choose the appropriate model for them.

Crispin

--
Crispin Cowan, Ph.D. http://immunix.com/~crispin/
Director of Software Engineering, Novell http://novell.com
This archive was generated by hypermail 2.1.3 : Wed May 25 2005 - 19:31:41 PDT