Named CPU skyrockets for ActiveX objects in IE 5.5 browser
Danny Mayer
mayer at gis.net
Sat May 11 04:18:59 UTC 2002
At 07:40 PM 5/10/02, Erik Sliman wrote:
>The Application Log was retrieved with the event viewer. Since then I
>update named.conf to create a log file. It does the same thing to the text
>file, basically. It creates an entry each time I do a query with HOST,
>showing that it is logging queries. However, even when I reproduce the
>CPU/ActiveX/named problem, nothing else goes in the log. It looks like
>whatever is running in the named.exe process does not get logged, and
>probably has nothing to do with DNS queries, but only when certain ActiveX
>controls are running, which WSJ uses 100% of the time, and other sites, such
>as Dictionary.com, use some of the time, while others, like AltaVista.com,
>don't ever seem to invoke.
>
>Does the Windows port of BIND use ActiveX controls?
No. BIND uses straight ANSI C code. There is no ActiveX, COM, DCOM
or other technologies involved.
> Even if this is true,
>it still doesn't explain everything because:
>
>1> If BIND is not running, the overall CPU usage is much lower when the
>ActiveX controls run.
>2> If the web page is loaded with ActiveX controls, and THEN the named.exe
>service is started, the named.exe still picks up CPU enormously, taking it
>up near 60%.
I'd need to see some evidence.
>Both of these facts appears to reduce the likelyhood that the named.exe
>process is merely getting credit for the CPU usage of ActiveX controls that
>both it and IE are using. The latter goes against the theory becuase you
>would think that, of the very least, it would be credited to the first COM
>client to load the object. The first fact detracts from the theory because
>IE is not showing nearly the same CPU usage when run without BIND as BIND
>produces when the objects are loaded in IE.
>
>More than anything my curiosity is killing me. This seems to indicate a
>possible hole, to say the least. I know I had to upgrade Macromedia player
>recently because it's ActiveX object had a major security hole. This could
>be another since BIND runs with a lot of authority. This, of course, is
>part of the reason I have IE ask me whether or not I want to run an ActiveX
>object on a web page. If I don't trust the site, I say no. Of course, now
>I say no just to save CPU.
Danny
More information about the bind-users
mailing list