Personally, I think SELinux can have a steep learning curve and it requires a careful implementation, including extensive testing of your applications with your proposed policies. If this process is followed, then I think the impact of potential SElinux usability issues is lessened.
As to the broader question of usability versus security? I always say security people are only in business if the business they support can do business. If security makes an application unusable and the business is then hampered in their ability to do business, then this can be as bad as if the application is unavailable due to an attack or compromise. Usability versus security should always be a risk-based balance/trade-off.
Implement the best possible set of security controls, for the optimal cost, to mitigate the most risk. If, for reasons of usability (or cost), you are unable to implement a control then articulate the risk, preferably in business terms like dollars, to of not implementing that control. If they accept that risk (and only they can), then document that acceptance and report it to the appropriate parts of your organization, like risk and audit groups/committees. Ultimately, your salary gets paid by the business making money. If you:
- Appropriately articulate any risk involved in doing business
- Present appropriate and cost-effective controls to mitigate those risks
- Document any risks that have not been mitigated, either by choice or some fundamental inability to mitigate
- Regularly re-evaluate risks and controls.
then you have done your best to secure your organisation in the most appropriate way.
This was first published in December 2006