Dailydave mailing list archives
Re: Is Windows Integrity Control in Vista really worth the performance hit? And does it really work?
From: "Chris Rohlf" <chris.rohlf () gmail com>
Date: Thu, 1 Mar 2007 21:51:54 -0500
On 3/1/07, Steve Grubb <sgrubb () redhat com> wrote:
On Thursday 01 March 2007 07:40, Rodrigo Rubira Branco (BSDaemon) wrote:Capabilities like selinux exist in linux a long time and offer a little impact in the overall system performance (but that impact exists)...True, there is a little impact and it varies based on actual workload.
The biggest impact IMHO is the administrative overhead most of these implementations create. Its almost not worth it in the end. And this experience comes from my own systems, not real production stuff. Then again the last time I tried SELinux was on debian about 2 years ago so things could have improved.
Linux solutions can be bypassed as well.Any kernel exploit that allows writing to arbitrary kernel memory can potentially defeat any kernel protection mechanism.
This sort of goes without saying. But what other known 'bypasses' are there for grsec or SElinux that don't require a kernel vulnerability? Im asking honestly, its been awhile since I've looked into this stuff. Chris -- http://em386.blogspot.com _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Re: Is Windows Integrity Control in Vista really worth the performance hit? And does it really work? Rodrigo Rubira Branco (BSDaemon) (Mar 01)
- Re: Is Windows Integrity Control in Vista really worth the performance hit? And does it really work? Steve Grubb (Mar 01)
- Re: Is Windows Integrity Control in Vista really worth the performance hit? And does it really work? Chris Rohlf (Mar 02)
- Re: Is Windows Integrity Control in Vista really worth the performance hit? And does it really work? endrazine (Mar 03)
- Re: Is Windows Integrity Control in Vista really worth the performance hit? And does it really work? Chris Rohlf (Mar 03)
- Re: Is Windows Integrity Control in Vista really worth the performance hit? And does it really work? endrazine (Mar 07)
- Re: Is Windows Integrity Control in Vista really worth the performance hit? And does it really work? Chris Rohlf (Mar 02)
- Re: Is Windows Integrity Control in Vista really worth the performance hit? And does it really work? Steve Grubb (Mar 01)
- <Possible follow-ups>
- Re: Is Windows Integrity Control in Vista really worth the performance hit? And does it really work? Rodrigo Rubira Branco (BSDaemon) (Mar 01)
- Re: Is Windows Integrity Control in Vista really worth the performance hit? And does it really work? Rodrigo Rubira Branco (BSDaemon) (Mar 03)