Announcement

Collapse
No announcement yet.

Does SELinux Slow Down Fedora 15?

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Does SELinux Slow Down Fedora 15?

    Phoronix: Does SELinux Slow Down Fedora 15?

    Earlier this week there were Fedora 15 vs. Ubuntu 11.04 benchmarks looking at the overall system performance as well as the power consumption. Both of these Linux distributions had performed close to one another, as is expected considering the similarities in their kernel and other packages, but there were some discrepancies in the disk tests. Speculations in the forums were that some of the performance differences might be attributed to SELinux, so here are some tests seeing the performance impact of SELinux on Fedora 15.

    http://www.phoronix.com/vr.php?view=16094

  • #2
    Disabling SELinux had resulted in the PostMark mail server test profile yielding 5% higher performance than the stock Fedora 15 settings.
    No. Run the test 10 times and then we'll see

    Comment


    • #3
      I'm not sure if this is good for Fedora the differences are, so small (which is great for SELinux). Maybe it was lvm which affected Fedora performance in comparision to Ubuntu? Anyway, thanks for the benchmarks.

      Comment


      • #4
        How needs SELinux anyway?

        I always disable it, it just causes problems.

        Comment


        • #5
          Originally posted by felipec View Post
          I always disable it, it just causes problems.
          Indeed... security so strong, you can't use your computer.

          Comment


          • #6
            Originally posted by dsmithhfx View Post
            Indeed... security so strong, you can't use your computer.
            But you'd be a fool not to run it on a server with an exposed port listening on the public internet. Any kind of attack surface and you definitely want to run it.

            Heck even a web browser can be an attack surface.

            Comment


            • #7
              Apparently the devs who wrote it are able to understand it, and that's good enough for them.

              Comment


              • #8
                More Accurate Benchmarks

                It is good that someone is getting onto this as it is one of the key features that differentiates fedora from other distros.

                The performance impact of selinux would be better reflected if hardware latencies are minimised. Netbook disks are typically low-end. The suggestion is that a Sandy + SSD or higher-end platter config might help further quantify the performance differences in a more useful way.

                While I feel that the current results are not conclusive, I really appreciate that someone is getting onto this!

                Comment


                • #9
                  Easier to build an Interocitor than configure SELINUX

                  It's easier to build the much sought after Interocitor than configure SELINUX.
                  I'd like to see a write up on it being utilized to thwart a simulated attack. At least the Interocitor has laser beams

                  Comment


                  • #10
                    It'd also be interesting to track CPU usage during the IO-bound tests, to see if there's any greater user/system load. If you're running a CPU-intensive setup and also trying to do lots of filesystem work, you'd want to know if one affects the other.

                    Comment

                    Working...
                    X