[Security_sig] 10/14 Conf. call minutes

Wichmann, Mats D mats.d.wichmann at intel.com
Tue Oct 19 14:51:18 PDT 2004


>As it stands right now SELinux is far removed from something I would 
>want to deploy in the field. There are a couple of reasons, which in
>the end all boil down to one thing: complexity, and the resulting high
>cost of ownership. It requires highly skilled people to correctly 
>configure SELinux, and it is exceedingly difficult to 'prove' that the 
>configuration actually meets your goals and policies. In the current 
>marketplace we need to improve security and lower cost of deployment
>at the same time, and hiring $200/hour consultants does not help us
>to achieve that goal.

Which in turn boils down to "we'd prefer both, but cheap is more
important than secure". That's of course a valid business choice
if indeed it's true. It seems to me a great deal of what's been
discussed in this forum actually boils down to this question, for
example the "is MAC truly required" thread is a question of
cost/benefit. Good that the word "cost" is on the table but as
somewhat of a security outsider I'm sometimes surprised at the
way the scale tips: not sure the actual/potential costs have been
accurately figured on both sides when "cheap" seems to become
the operative word.  What's that line about a free lunch?




