Security Identifier (SID) to User Identifier (uid) ResolutionSystem
Luke Kenneth Casson Leighton
lkcl at samba.org
Sun Jan 2 11:17:35 GMT 2000
> pretty much devolves into string comparison, which is slower than
> comparing two numbers the size of your current CPU architecture (32/64
> bits), unless the strings are limited to that size themselves (giving us
> no improvements...).
>
> To use the current example, imagine comparing SIDs as a speed comparison
> vs. uid/gids. This isn't really a major drag (NT gets away with it...),
> but it is a small performance hit (your news server will know the
> difference, as will real-time apps which do file or device access). Some
permission checks are only done on the following operations:
- file create
- file open
- file take ownership
also, does anyone know any really good nt kernel gurus/hackers to ask the
following question: does NT has some sort of internal virtual
representation for users in order to avoid having to compare SIDSs? i
_do_ know that they use a LUID (local uid) in the LSA (local security
authority), but i think tis only has significance to each LSA instance,
not to the kernel.
More information about the samba-technical
mailing list