How best get rid of SELinux?

[Mike McCarty]

Matthew Miller wrote:
> On Thu, Sep 20, 2007 at 11:49:41PM -0400, David Boles wrote:
> 
>>This way is, IMO, the crude way to do this. Turn SELinux off, if you chose
>>to do so, in the SELinux configuration file.
>>/etc/selinux/config
>>change SELINUX=enforcing
>>to SELINUX=disabled
> 
> 
> If you do this, are you still paying the performance penalty but with no
> security gain?

Depends on what you mean by "performance penalty".
One measure of performance is RAM utilization. If SELinux is
built into the distro, then it eats RAM regardless of whether
it be "enforcing". Furthermore, some of the code in it
gets executed, no matter what. Defects in that code
are always waiting for the circumstances to be right (or
wrong, one might say) to be triggered.

Mike
-- 
p="p=%c%s%c;main(){printf(p,34,p,34);}";main(){printf(p,34,p,34);}
Oppose globalization and One World Governments like the UN.
This message made from 100% recycled bits.
You have found the bank of Larn.
I can explain it for you, but I can't understand it for you.
I speak only for myself, and I am unanimous in that!