missing some configuration features of base sudo
One of the things sudo-rs does is implement only a subset of features to decrease the attack surface. A recent security issue did not affect sudo-rs because they simply did not implement the feature that had the (logic) bug. As with many things this is a trade-off.
Was sudo broken in some way that makes rewriting it in Rust appealing? Genuinely curious.
It's a big debate/discussion lately, as Rust has some safety bits built-in that make it safer than C. So tools are getting ported.
I mean…sounds fine. Why is it “controversial”?
Few reasons, some less valid than others.
Honestly I think this is a rather big deal. It leaves our project open to just being made closed source / justifies not contributing back from big companies.
Sadly, security issues are still being found in sudo, so “wasn’t broke” isn’t entirely true. Though, whether or not Rust prevents a given security issue is strongly dependent on the kind of issue. Security issues arising from logical errors usually don’t get caught; there is only a guarantee for memory management issues.
Just GreyBeards having discussions, sometimes heated. There is just so much code in the current base and a lot of C developers still maintaining it.
Everyone is focusing on the fact that this is C vs Rust. The original sudo has issues on its own. It's a large code base that does lots of things and has inherent security vulnerabilities.
Sudo is worth redoing regardless of language.
https://linuxsecurity.com/news/security-vulnerabilities/sudo-flaws-linux-privilege-at-risk
Honestly - even if there were no other practical benefit to the code base - having a new language to recode everything in is healthy for programmers - it gets newer engineers excited.