speed and reliability improvements for setting reads ACLs#8216
speed and reliability improvements for setting reads ACLs#8216iceweasel-oai merged 2 commits intomainfrom
Conversation
iceweasel-oai
commented
Dec 17, 2025
iceweasel-oai
commented
- Batch read ACL creation for online/offline sandbox user
- creates a new ACL helper process that is long-lived and runs in the background
- uses a mutex so that only one helper process is running at a time.
|
@codex review |
|
Codex Review: Didn't find any major issues. Breezy! ℹ️ About Codex in GitHubYour team has set up Codex to review pull requests in this repo. Reviews are triggered when you
If Codex has suggestions, it will comment; otherwise it will react with 👍. Codex can also answer questions or update the PR. Try commenting "@codex address that feedback". |
dylan-hurd-oai
left a comment
dylan-hurd-oai
left a comment
There was a problem hiding this comment.
non-blocking suggestions, lgtm
| .spawn() | ||
| .context("spawn read ACL helper")?; | ||
| let pid = child.id(); | ||
| log_line(log, &format!("spawned read ACL helper pid={pid}"))?; |
There was a problem hiding this comment.
Out of scope for this PR but we might consider changing this to a Write trait rather than a file, e.g. for testing.
| let users_psid = sid_bytes_to_psid(&users_sid)?; | ||
| let auth_sid = resolve_sid("Authenticated Users")?; | ||
| let auth_psid = sid_bytes_to_psid(&auth_sid)?; | ||
| let everyone_sid = resolve_sid("Everyone")?; |
There was a problem hiding this comment.
non-blocking: this section feels a bit "magic string" vibes to me. we might consider entombing them in reusable helper functions
There was a problem hiding this comment.
yeah good call - I'll make a note to do this. Wouldn't be surprised if these already live as constants in the windows stdlib somewhere
2 participants
