• ck_@discuss.tchncs.de
    link
    fedilink
    arrow-up
    8
    ·
    1 year ago

    It might be a drop in replacement to sudo, but I would not use it as such for a while. If you look at the bugs that sudo had over the years, only a fraction of them have been caused by unsafe memory operations. The majority has been caused be its own complexity and the complexity of the sudoers file. These problem classes are not going away by porting the tool over to Rust or any other language. Since this is a rewrite, it will have its own security bugs that need to be found and fixed first. So until sudo-rs has had a couple of years of people fixing security issues, I’d rather not adopt it.

    Given that, I have a hard time imagining why someone would pour time and resources into a rewrite of sudo for years to come instead of working towards a simpler solution.