Re: Penalty of SELinux?
El dom, 23-09-2007 a las 14:41 -0500, Manoj Srivastava escribió:
> On Sun, 23 Sep 2007 11:14:57 -0400, Douglas A Tutty
> <dtutty@porchlight.ca> said:
>
> > On small systems, what about the penalty of just larger binaries? I
> > have some older boxes with 16-64 MB ram.
>
> Firstly: Very few packages have been actively patched to link
> with selinux. Second, the selinux libraries are shared libs -- so the
> actual binary is not significantly increased in size (well, dpkg is the
> exception, since it is linked statically with selinux).
>
> My Pentium II box with 64MB of ram seems to run in SELinux
> strict mode just fine -- it is my firewall.
>
> manoj
> --
The real problem with SELinux is that it come from a really well known
untrusted organization around the globe; and if the Debian Team accep it
blindly, Debian is going to become as Windows; remember that, who
creates, know it the best; and a group of pepople could see into our own
machine when they want it. Particularly, i do not want that! It is
exactly, giving the realized work, for decades, to the enemy!
> Lord, what fools these mortals be! William Shakespeare, "A
> Midsummer-Night's Dream"
> Manoj Srivastava <srivasta@acm.org> <http://www.golden-gryphon.com/>
> 1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
>
>
Reply to: