Subject: Re: kern/2352: ident daemon is slow, it should not use /dev/kmem at all
To: None <mycroft@ai.mit.edu>
From: Tor Egge <tegge@idt.unit.no>
List: netbsd-bugs
Date: 05/11/1996 18:43:32
>
> Doesn't this change, as is, cause some programs (e.g. rsh) that always
> open sockets as root to always return `root' to ident queries? Saving
> the uid at socket creation time doesn't seem correct.
identd in NetBSD-current returns the effective uid at the socket
creation time, since it uses the credentials associated with the
file list. rsh is a program that will cause identd to always
returns root.
Saving the real (not effective) uid at socket creation time makes the
mapping from socket structure to uid returned by identd a lot faster,
and in the `rsh' case, you don't get the problem with only `root'
being returned. The problem of choosing between several different
current uids is also eliminated.
>
> It's worth noting that you could get a lot of the speedup you want by
> using the hash table from the user-level process rather than searching
> the entire TCB list.
When identd has found the socket structure, it still has to traverse
the file list and the process list to find the current uids for the
processes that have open files referring to that socket. On a live
kernel, changes to these data structures may cause identd to fail or
silently return a wrong result.
- Tor Egge