Named CPU skyrockets for ActiveX objects in IE 5.5 browser

Danny Mayer mayer at gis.net
Sat May 11 04:18:59 UTC 2002 

At 07:40 PM 5/10/02, Erik Sliman wrote:
>The Application Log was retrieved with the event viewer.  Since then I
>update named.conf to create a log file.  It does the same thing to the text
>file, basically.  It creates an entry each time I do a query with HOST,
>showing that it is logging queries.  However, even when I reproduce the
>CPU/ActiveX/named problem, nothing else goes in the log.  It looks like
>whatever is running in the named.exe process does not get logged, and
>probably has nothing to do with DNS queries, but only when certain ActiveX
>controls are running, which WSJ uses 100% of the time, and other sites, such
>as Dictionary.com, use some of the time, while others, like AltaVista.com,
>don't ever seem to invoke.
>
>Does the Windows port of BIND use ActiveX controls?

No. BIND uses straight ANSI C code.  There is no ActiveX, COM, DCOM
or other technologies involved.

>  Even if this is true,
>it still doesn't explain everything because:
>
>1> If BIND is not running, the overall CPU usage is much lower when the
>ActiveX controls run.
>2> If the web page is loaded with ActiveX controls, and THEN the named.exe
>service is started, the named.exe still picks up CPU enormously, taking it
>up near 60%.

I'd need to see some evidence.

>Both of these facts appears to reduce the likelyhood that the named.exe
>process is merely getting credit for the CPU usage of ActiveX controls that
>both it and IE are using.  The latter goes against the theory becuase you
>would think that, of the very least, it would be credited to the first COM
>client to load the object.  The first fact detracts from the theory because
>IE is not showing nearly the same CPU usage when run without BIND as BIND
>produces when the objects are loaded in IE.
>
>More than anything my curiosity is killing me.  This seems to indicate a
>possible hole, to say the least.  I know I had to upgrade Macromedia player
>recently because it's ActiveX object had a major security hole.  This could
>be another since BIND runs with a lot of authority.  This, of course, is
>part of the reason I have IE ask me whether or not I want to run an ActiveX
>object on a web page.  If I don't trust the site, I say no.  Of course, now
>I say no just to save CPU.

         Danny

More information about the bind-users mailing list