SELinux Slogans

Lately conversations keep turning up new slogans for SELinux. I figure this is as good a place as any to keep a running list so here we go:

  • SELinux – Because users do weird shit.
  • SELinux – Fuck root.
  • SELinux – Hampering administrators since before it was cool.
  • SELinux – Take revenge against the BOFH
  • SELinux – High-security gone haywire.
  • SELinux – Turning it off is like removing the batteries from a smoke detector. Sure it sounds better but you might get burned.
  • SELinux – Because life is too simple.
  • SELinux – AppArmor sucks.
  • SELinux – It’s too early in the morning to be cleaning up after 11-year old kiddies.
  • SELinux – Too powerful for our own good.
  • SELinux – Here’s our root password, what’s yours?
  • SELinux – Didn’t they teach you about using protection in high-school?
  • SELinux – Blind faith not required

Thinking about slogans actually got me thinking about “short reasons to use SELinux”.

  • SELinux will save you tons of money, your TCO will go down and your ROI will go up.
  • SELinux supports 3-letter acronyms out of the box, no complex policy changes required.
  • Zero day vulnerabilities are a fact. Do something about it.
  • Trusted Solaris has been end-of-lifed and you’re not in the government space to begin with.
  • Path-named based access control is weak.
  • Implicitly trusting admins doesn’t have to be SOP.
  • You’re not a security expert, let us do the hard work.
  • The US military (and others) trust SELinux with their information, shouldn’t you? 1

These are just a few.

1 The answer to this question might actually be a resounding “no!” Don’t worry, I’m not offended.

Spencer Shimko 10 January 2008