On 28-03-2014 10:54, Arthur Țițeică wrote:
It raises a question mark that the two most important components of a system (systemd and the kernel) have security measures disabled.
People in this thread like to put out the overly subjective "lightweight" factor, but still there are no bug reports or any other solid evidence that the kernel ate their computers since apparmor, selinux and audit were semi-silently enabled a few builds back.
Of the people that have pkgstats installed, almost no one is using any of the security features; selinux and apparmor don't even register in the stats [1]. If they are not being used, I don't see how removing/disabling them makes for a less secure system.

Using selinux/apparmor/tomoyo requires comprehensive, well-written rules, which no one is willing to maintain because it is a huge and hard job. Things will subtly break after a while if rules are not rechecked with every package update; it's not a matter of if but when they will break, especially with Arch, which keeps close to the latest upstream releases.

People have complained that audit pollutes their logs, and apparently it is broken for containers and has to be disabled with audit=0.

Less code means fewer bugs and a smaller attack surface, and I suppose less of a burden for the one(s) actually maintaining the kernel package.

If no one comes forward and says: please don't remove features a, b and c because I'm actually making use of them in a production system, then I suppose the features will be removed.

[1] https://www.archlinux.de/?page=PackageStatistics

--
Mauro Santos