Matthew Miller wrote:
On Thu, Sep 20, 2007 at 11:49:41PM -0400, David Boles wrote:
This way is, IMO, the crude way to do this. Turn SELinux off, if you chose
to do so, in the SELinux configuration file.
/etc/selinux/config
change SELINUX=enforcing
to SELINUX=disabled
If you do this, are you still paying the performance penalty but with no
security gain?
Depends on what you mean by "performance penalty".
One measure of performance is RAM utilization. If SELinux is
built into the distro, then it eats RAM regardless of whether
it be "enforcing". Furthermore, some of the code in it
gets executed, no matter what. Defects in that code
are always waiting for the circumstances to be right (or
wrong, one might say) to be triggered.
Mike
--
p="p=%c%s%c;main(){printf(p,34,p,34);}";main(){printf(p,34,p,34);}
Oppose globalization and One World Governments like the UN.
This message made from 100% recycled bits.
You have found the bank of Larn.
I can explain it for you, but I can't understand it for you.
I speak only for myself, and I am unanimous in that!
--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
