turing off selinux makes gnome 60% faster?
Stephen Smalley
sds at tycho.nsa.gov
Mon Mar 20 13:49:41 UTC 2006
On Sun, 2006-03-19 at 12:03 +0100, dragoran wrote:
> dragoran wrote:
>
> > according to this review:
> > http://distrocenter.linux.com/distrocenter/06/03/08/2321254.shtml?tid=107
> > "FC5 runs on a 2.6.15 kernel and uses a branded version of GNOME 2.14
> > as its default desktop. Although GNOME 2.14 is roughly twice as fast
> > as earlier versions when installed in other distributions, little of
> > this acceleration is visible in FC5. A large part of this relative
> > slowness is due to the default enabling of SELinux -- turn it off, and
> > GNOME is as much as 60% faster."
> >
> > turing off selinux makes gnome 60% faster...
> > can this be true?
> > how does selinux affects gnome perfomance?
> >
> > --
> > fedora-selinux-list mailing list
> > fedora-selinux-list at redhat.com
> > https://www.redhat.com/mailman/listinfo/fedora-selinux-list
> >
> >
> nm...
> old review used a debug enabled kernel
Yes, saw that review and asked its author for more detail, but he had
already scrubbed the test machine for another review. Even with a
debug-enabled kernel, I don't see any reason why there would be such an
overhead from SELinux. One possible explanation might be that some
background process was hitting an AVC denial due to yet another missing
permission in the policy, thereby putting load on the audit system and
flooding audit.log, which would slow down the system.
--
Stephen Smalley
National Security Agency
More information about the fedora-selinux-list
mailing list