Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks
From: Alan Cox
Date: Mon Apr 17 2006 - 18:44:41 EST
On Llu, 2006-04-17 at 15:15 -0700, Gerrit Huizenga wrote:
> I get the impression from customers that SELinux is so painful to
> configure correctly that most of them disable it. In theory, LSM +
Red Hat ships SELinux enabled by default with a set of policies that
most users just leave enabled, indeed most users don't even know they
have SELinux enabled or what SELinux is, any more than they could say
tell you what posix acls do.
That said there is a need for nice pretty policy design tools, but
that's not part of an LSM discussion.
> something like AppArmour provides a much simpler security model for
If the AppArmour people care to submit their code upstream and get it
merged then that would be a reason to keep LSM, if they don't then LSM
(if they even want it..) can just become part of their patchkit instead.
> normal human beings who want some level of configuration. Also,
> the current SELinux config in RH is starting to have a measureable
> performance impact.
In Fedora Core its impact is far from obvious from my testing. Older
SELinux had some ugly SMP scaling problems but those are fixed.
Alan
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/