Re: Penalty of SELinux?

To: debian-user@lists.debian.org
Subject: Re: Penalty of SELinux?
From: "Douglas A. Tutty" <dtutty@porchlight.ca>
Date: Sun, 23 Sep 2007 11:14:57 -0400
Message-id: <[🔎] 20070923151457.GB6360@titan.hooton>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 87k5qi6loa.fsf@anzu.internal.golden-gryphon.com>
References: <[🔎] 20070922152909.GA7014@titan.hooton> <[🔎] 87k5qi6loa.fsf@anzu.internal.golden-gryphon.com>

On Sat, Sep 22, 2007 at 11:38:29PM -0500, Manoj Srivastava wrote:
> On Sat, 22 Sep 2007 11:29:09 -0400, Douglas A Tutty
> <dtutty@porchlight.ca> said:  
> 
> > I run a bunch of old machines.  Now that SELinux is integrated
> > (compiled in) to various pieces of Debian, is there a penalty even if
> > its not activated?
> 
>         Not that one can discern.  An active SELinux running in
>  enforcing mode can have upto 7-8% performance hit, but some patches are
>  going into 2.6.24 that might improve the performance.
> 
>         Of course, take all bench marks with a grain of salt, including
>  this one; it all depends on your particular load pattern; and system
>  resources, etc, etc.
> 

On small systems, what about the penalty of just larger binaries?  I
have some older boxes with 16-64 MB ram.  

Doug.

Reply to:

Follow-Ups:
- Re: Penalty of SELinux?
  - From: Henrique de Moraes Holschuh <hmh@debian.org>
- Re: Penalty of SELinux?
  - From: Manoj Srivastava <srivasta@ieee.org>
- Re: Penalty of SELinux?
  - From: Michelle Konzack <linux4michelle@freenet.de>

References:
- Penalty of SELinux?
  - From: "Douglas A. Tutty" <dtutty@porchlight.ca>
- Re: Penalty of SELinux?
  - From: Manoj Srivastava <srivasta@ieee.org>

Prev by Date: Re: Tool for document management
Next by Date: Re: lirc on Debian with AMD64
Previous by thread: Re: Penalty of SELinux?
Next by thread: Re: Penalty of SELinux?
Index(es):
- Date
- Thread