security-misc/usr
Ashlen e14b81b15e
perf(permission-hardener): optimize string match
Replace subprocess grep calls with bash substring matching in
check_nosuid_whitelist function. This eliminates ~10k unneeded
subprocess spawns that were causing significant performance
degradation.

In testing, it improves overall script execution speed by an
order of magnitude:

Before patch:
$ sudo hyperfine -- './permission-hardener enable'
Benchmark 1: ./permission-hardener enable
  Time (mean ± σ):     11.906 s ±  0.974 s    [User: 3.639 s, System: 8.728 s]
  Range (min … max):   10.430 s … 14.090 s    10 runs

After patch:
$ sudo hyperfine -- './permission-hardener enable'
Benchmark 1: ./permission-hardener enable
  Time (mean ± σ):     802.8 ms ± 178.5 ms    [User: 283.0 ms, System: 471.9 ms]
  Range (min … max):   639.4 ms … 1092.3 ms    10 runs
2025-05-20 21:34:03 -06:00
..
bin perf(permission-hardener): optimize string match 2025-05-20 21:34:03 -06:00
lib Merge pull request #304 from raja-grewal/stop_pstore 2025-04-15 15:17:25 -04:00
libexec/security-misc handle case of non-existence of /proc/cmdline 2025-05-18 06:44:42 -04:00
share output 2025-04-25 03:11:39 -04:00