Honestly I think this is a rather big deal. It leaves our project open to just being made closed source / justifies not contributing back from big companies.
Sadly, security issues are still being found in sudo, so wasn’t broke isn’t entirely true. Though, whether or not Rust prevents a given security issue is strongly dependent on the kind of issue. Security issues arising from logical errors usually don’t get caught, there is only a guarantee for memory management issues.
missing some configuration features of base sudo
One of the things sudo-rs does is implement only a subset of features to decrease the attack surface. A recent security issue did not affect sudo-rs because they simply did not implement the feature that had the (logic) bug. As with many things this is a trade-off.
I mean…sounds fine. Why is it “controversial”?
Few reasons, some less valid than others.
Honestly I think this is a rather big deal. It leaves our project open to just being made closed source / justifies not contributing back from big companies.
Sadly, security issues are still being found in sudo, so wasn’t broke isn’t entirely true. Though, whether or not Rust prevents a given security issue is strongly dependent on the kind of issue. Security issues arising from logical errors usually don’t get caught, there is only a guarantee for memory management issues.
One of the things sudo-rs does is implement only a subset of features to decrease the attack surface. A recent security issue did not affect sudo-rs because they simply did not implement the feature that had the (logic) bug. As with many things this is a trade-off.
Just GreyBeards having discussions, sometimes heated. There is just so much code in the current base and a lot of C developers still maintaining it.