Subject: pkg/32115: security/audit-packages is too slow
To: None <pkg-manager@netbsd.org, gnats-admin@netbsd.org,>
From: None <rillig@NetBSD.org>
List: pkgsrc-bugs
Date: 11/19/2005 12:37:00
>Number: 32115
>Category: pkg
>Synopsis: security/audit-packages is too slow
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: pkg-manager
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Sat Nov 19 12:37:00 +0000 2005
>Originator: Roland Illig
>Release: NetBSD 3.99.10
>Organization:
>Environment:
System: any
>Description:
A simple "make check-vulnerable" in pkgtools/pkglint takes about six
seconds on my machine. In these six seconds, pkg_admin(8) is executed
2972 times. It _must_ be possible to achieve the same thing in less than
0.5 seconds.
>How-To-Repeat:
cd ${PKGSRCDIR}/pkgtools/pkglint && time make check-vulnerable
>Fix:
Fix security/audit-packages to not call pkg_admin(8) that often.