On 03/27/2014 02:01 AM, Andy Lutomirski wrote:
Essentially, it's a performance problem. knfsd has override_creds, and it can cache struct cred. But userspace doing the same thing (i.e. impersonating a user) has to do setresuid, setresgid, and setgroups, which kills performance, since it results in something like five RCU callbacks per impersonation round-trip.
Do you mean setfsuid instead of setresuid? -- Florian Weimer / Red Hat Product Security Team -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
