performance loss with selinux?
Steve Snyder
swsnyder at insightbb.com
Sat Jun 25 23:24:43 UTC 2005
On Thursday 23 June 2005 11:55 pm, Vassilios Kotoulas wrote:
> hi all,
>
> I run a postgres server with permanent very high disk and network load.
> I would like to enable selinux but I can't afford any loss of
> performance. Does selinux bring a noticeable performance loss?
http://www.crypt.gen.nz/selinux/faq.html#WWW.14
'Currently, the performance overhead is approximately 7%. There has been
little effort to date to optimise the SELinux code for performance, and in
some cases such as networking the impact may be higher. The SELinux
development team is looking at improving performance. If you set
"selinux=0" as a kernel boot option, SELinux will have no performance
impact.'
See also the avcstat utility for dumping SELinux statistics.
More information about the fedora-list
mailing list