[arch-general] [arch-dev-public] Trimming down our default kernel configuration

[Mauro Santos]

On 28-03-2014 10:54, Arthur Țițeică wrote:
> It raises a question mark that the two most important components of a system 
> (systemd and the kernel) have security measures disabled.
> 
> People in this thread like to put out the over subjective "lightweight" factor 
> but still there are no bug reports or any other solid evidence that the kernel 
> ate their computers since apparmor, selinux and audit were semi-silently 
> enabled a few builds back.

Of the people that have pkgstats installed, almost no one is using any
of the security features, selinux and apparmor don't even register in
the stats [1], if they are not being used I don't see how
removing/disabling them makes for a less secure system.

Using selinux/apparmor/tomoyo requires comprehensive well written rules,
which no one is willing to maintain because it is a huge and hard job.
Things will subtly break after a while if rules are not rechecked with
every package update, it's not a matter of if but when will they break,
specially with arch that keeps close to the latest upstream releases.

People have complained that audit pollutes their logs and apparently it
is broken for containers and has to be disabled it with audit=0.

Less code means less bugs and a smaller attack surface, and I suppose
less of a burden for the one(s) actually maintaining the kernel package.

If no one comes forward and says: please don't remove features a b and c
because I'm actually making use of them in a production system, then I
suppose the features will be removed.

[1] https://www.archlinux.de/?page=PackageStatistics

-- 
Mauro Santos