From owner-freebsd-hackers Mon Jun 4 12: 7:45 2001 Delivered-To: freebsd-hackers@freebsd.org Received: from beppo.feral.com (beppo.feral.com [192.67.166.79]) by hub.freebsd.org (Postfix) with ESMTP id CACD437B401 for ; Mon, 4 Jun 2001 12:07:43 -0700 (PDT) (envelope-from mjacob@feral.com) Received: from zeppo.feral.com (IDENT:mjacob@zeppo.feral.com [192.67.166.71]) by beppo.feral.com (8.11.3/8.11.3) with ESMTP id f54J7Jg80136; Mon, 4 Jun 2001 12:07:19 -0700 (PDT) (envelope-from mjacob@feral.com) Date: Mon, 4 Jun 2001 12:07:19 -0700 (PDT) From: Matthew Jacob Reply-To: mjacob@feral.com To: Rich Morin Cc: hackers@FreeBSD.ORG Subject: Re: speeding up /etc/security In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG That's an interesting question. A couple of ideas: a) I wonder of RWatson's ACL stuff could help here? b) This problem cries for a DMAPI type solution- you could have a daemon that monitors all creats/chmods and retains knowledge of the filenames for all SUID/SGID creats/chmods- this way /etc/security would simply summarize the current list and could be run any time. > /etc/security takes a number of hours to run on my system. The problem > is that I have some very large mounted file systems and the code to look > for setuid files wants to walk through them all. I recoded the check in > Perl, but it ran at about the same speed. I have considered reworking > the code to do the file systems in parallel, but I thought I should ask > here first. Comments? Suggestions? > > -r > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message