On Thursday 23 June 2005 11:55 pm, Vassilios Kotoulas wrote: > hi all, > > I run a postgres server with permanent very high disk and network load. > I would like to enable selinux but I can't afford any loss of > performance. Does selinux bring a noticeable performance loss? http://www.crypt.gen.nz/selinux/faq.html#WWW.14 'Currently, the performance overhead is approximately 7%. There has been little effort to date to optimise the SELinux code for performance, and in some cases such as networking the impact may be higher. The SELinux development team is looking at improving performance. If you set "selinux=0" as a kernel boot option, SELinux will have no performance impact.' See also the avcstat utility for dumping SELinux statistics.
