mirror of
https://github.com/Kicksecure/security-misc.git
synced 2025-06-24 19:00:30 -04:00
![]() Replace subprocess grep calls with bash substring matching in check_nosuid_whitelist function. This eliminates ~10k unneeded subprocess spawns that were causing significant performance degradation. In testing, it improves overall script execution speed by an order of magnitude: Before patch: $ sudo hyperfine -- './permission-hardener enable' Benchmark 1: ./permission-hardener enable Time (mean ± σ): 11.906 s ± 0.974 s [User: 3.639 s, System: 8.728 s] Range (min … max): 10.430 s … 14.090 s 10 runs After patch: $ sudo hyperfine -- './permission-hardener enable' Benchmark 1: ./permission-hardener enable Time (mean ± σ): 802.8 ms ± 178.5 ms [User: 283.0 ms, System: 471.9 ms] Range (min … max): 639.4 ms … 1092.3 ms 10 runs |
||
---|---|---|
.. | ||
bin | ||
lib | ||
libexec/security-misc | ||
share |