|
|
Subscribe / Log in / New account

LCA: Bruce Schneier on the two sides of security

LCA: Bruce Schneier on the two sides of security

Posted Feb 13, 2008 13:39 UTC (Wed) by ekj (guest, #1524)
Parent article: LCA: Bruce Schneier on the two sides of security

SELinux is a bad example.

I, like most sysadmins I know have been turning it off. But not for any reason of irrational fear like you suggest, but rather precisely for the reason one should do it, according to the Schneier you quote: For many people it just plain isn't worth it.

I assume I'm some uncertain amount safer when I have it turned on, hard to say precisely how much, but it'll certainly have some positive effect, prevent some types of attack from succeeding.

But I -KNOW- from personal first hand experience that:

  • It is complex. Complexity is -bad- for security.
  • I don't understand it. Not even after having spent probably a week spesifically trying to understand it. Possibly, I'm just stupid, but that's the way it is.
  • It takes a lot of time to configure it correctly for any non-trivial setting.
  • Having it turned on causes a lot of headaches with stuff that otherwise "just works".
Put differently: The COST of running with SELinux is known and HIGH. The benefit is unknown, but assumed moderately positive. Not enough positive to defend turning it on though.

Being more secure does not help if the added work is MORE than the gain in security. I don't use SELinux for the same reason I wouldn't support banning all airplanes; both would probably improve security, but the cost is to high.

to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds