[CentOS] SELinux - way of the future or good idea but !!!

Tue Nov 30 20:11:07 UTC 2010

On Tuesday, November 30, 2010 02:04:12 pm Benjamin Franz wrote:
> On 11/30/2010 10:42 AM, Lamar Owen wrote:
> >
> > It boils down to balancing 'it breaks my app that I can't or won't fix' against 'you've been pwned!'
> 
> Actually, it boils down to 'what causes more total costs to the 
> business'. 

Not what causes, but what could cause, in the terms of the risk analysis.  The probability of the cost is part of the equation, but in many cases it becomes 'what can a single breach cost me in the worst case' and that can outweigh what seems to be large costs.  You might have a small probability of infiltration, but the cost of a single infiltration (in some areas, like healthcare and financial) can be so huge that a single infiltration could bankrupt you.  If you do your online banking on your laptop, it is no stretch to say that a single infiltration of your laptop has the potential to bankrupt you, or worse.  Yeah, worse: the infiltrator might be malicious enough to plant illegal material on your system and make your life really miserable, as the case of Michael Fiola showed.

And in the main SELinux integration is not a high cost.  It may be in your area, but it hasn't been in mine.  If it were that big of a problem, Red Hat wouldn't include it in the upstream due to customer pressure.  SELinux, at least for me and others, has a very positive benefit to cost ratio. YMMV.

> Security in not an end unto itself. It exists to support the business 
> making money. If a cost saving measure is costing the business more than 
> it is saving it, it is *not* a good idea no matter how technically 
> superior it is.

And that's a big if.  One must carefully define 'savings' in order to make an informed decision.  It is a balance, that is sure.

> This in a very real sense is similar to the 'how much resources should 
> measures to prevent shoplifting be given' in a retail store. If the 
> anti-shoplifting measures are costing *more* than the shoplifting you 
> are preventing - you have lost sight of the actual reason for 
> anti-shoplifting measures in the first place.

As former loss-prevention for Kmart many years ago, I know that there's more to that than economics, there's a significant public-relations piece that's difficult to impossible to quantify.  And we found it difficult in the extreme to determine how much theft the visible presence of loss-prevention personnel and equipment actually prevented.

And there is an area where defense in depth is heavily practiced.