DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:to:subject:message-id:reply-to
	:references:mime-version:content-type:in-reply-to; q=dns; s=
	default; b=LdgZsTC18zPzpxu7V/c7hM6HIPjKjmdvIVvGRZLXkODwEXcRlF94V
	VTwLxBPKSXaVL9+keGSmLn0g56+0rDPrfe4whXy0BcqRX50qEAhqhbeSdEHcsAaK
	6/shYsVRmdO47NPZjujMgXLy/W9OoWX5RvV6K8yEA+tv8vrCXa98Cg=
Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm
Sender: cygwin-owner@cygwin.com
Mail-Followup-To: cygwin@cygwin.com
Date: Mon, 9 Nov 2015 11:09:53 +0100
From: Corinna Vinschen <corinna-cygwin@cygwin.com>
To: cygwin@cygwin.com
Subject: Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 2.3.0-0.7
Message-ID: <20151109100953.GA20001@calimero.vinschen.de>
Reply-To: cygwin@cygwin.com
Mail-Followup-To: cygwin@cygwin.com
References: <announce.20151106092658.GA30065@calimero.vinschen.de> <563C8B08.9000405@gmail.com> <20151106125012.GA26566@calimero.vinschen.de> <87fv0ihqfk.fsf@Rainer.invalid>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;	protocol="application/pgp-signature"; boundary="Q68bSM7Ycu6FN28Q"
Content-Disposition: inline
In-Reply-To: <87fv0ihqfk.fsf@Rainer.invalid>
User-Agent: Mutt/1.5.23 (2014-03-12)

--Q68bSM7Ycu6FN28Q
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Nov  6 20:35, Achim Gratz wrote:
> Corinna Vinschen writes:
> > One of the sore points is performance hit when
> > using AuthZ to fetch the effective user permissions.  How's your
> > impression?  Is it noticable in your environment?
>=20
> Aside from the somewhat contrived example I already gave, the normal
> day-to-day operation with the snapshot so far was uneventful.  Other
> users besides me have the snapshot installed since about a week, so if
> there were any catastrophic degradation I should know by now (I did ask
> them to report back if they see something that's different as before).

Sounds good.  Nevertheless, I'll release 2.3.0-1 and an 2.4.0-0.1 test
release today.

It occured to me that there's a potential way to tweak the code to
reduce the number of AuthZ calls.  Consider:

If the user has its own ACE, and if user_perms | all_group_perms |
other_perms =3D=3D user_perms, or if user_perms are already RWX, then there
are no groups which could have more permissions than the user already
owns all by itself.

Good examples of this scenario are typical default POSIX perms 644 or
755 or even 775, used a lot throughout existing Cygwin trees.  None of
them require to check with AuthZ, but the AuthZ test is performed
indiscriminately if it's a not one of the "new" Cygwin ACLs.

I'll look into that this week.


Corinna

--=20
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

--Q68bSM7Ycu6FN28Q
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJWQHDxAAoJEPU2Bp2uRE+gB1YQAIfqz3VgRXK0QfKSosOvbQ7W
rYomF6K0a9hhLo0kT+WOI7q+RgwmxF3MrK6F4TTlELCIGvFCI3X64eO4jKP1sXHh
jkzkWR0GdkS8MutuTM98MlC8rZTN0aGCias2YM9Gy/rHfISEdgONC7a87EXzKQlD
IVQy0CEBxRK2wWzy7qPedUqalWnn+1FWM9D4CpxRJU5JDPgDcBfbFLP7ie32F/TI
BG568tgn2pzPF12/oYcdRSI0ls0/pBYBC0lRGQWEzn6lyKFJIrs6mwLnztk1AvBP
ZIobJmDm2duzwqfOhhI9b7sapswyD60K5e9hXbdQjYu+Tq6Xejh84b06LdZdzBmG
odVF2Ei6paUmcr9nEVxRU349OBJdpeGFshNWJQy+tKh1Y6V4WoaK0+z0qCjtcgSh
7kiE+Y2qmapWaoYVQzWKER+59V+n1hP5tCwJXpMKrhl8J7nSSq/yc5aRaDiEoPX/
MfYRe2diG51TjC9ntbgaKn343FSNvD3QMaHuVjzmsPJcE/VCpoXLUUc49lEY8k7/
VtWb5ZycyFZnDT0v/iCPL4YlQM/Rd6BGIWCh4E3goRnJq3T6ggPSpkvr7WacO1FA
ag5YCoxWNFtQY/qGFt4Sca4u6O0OPvvZ3nrd56D1Ixbv8cSyX3Hq4Ohtq5SC3uF3
HvnnU/rxdkIKT05Q4FQi
=C7m8
-----END PGP SIGNATURE-----

--Q68bSM7Ycu6FN28Q--