Is rewriting 'sudo' in Rust really a good idea? 🤔
The current incarnation of the sudo project was started in 1986, and as such has had almost forty years to iron out bugs. Granted, 1/3 of those were memory related, but that still leaves 2/3 for a new implementation to rediscover.
Also, two pages of search results for the 'unsafe' keyword in the repo make me wonder: https://github.com/search?q=repo%3Atrifectatechfoundation%2Fsudo-rs%20unsafe&type=code
=> More informations about this toot | More toots from micke@camp.smolnet.org
@micke sudo does a huge number of things nowadays though... some of which could be removed completely as it isn't really core (playback of sessions and pretty much everything introduced in recent years)
Some consider the whole premise of taking an essentially untrustworthy env and elevating privileges insane, which gives us run0 (systemd).
That thing forks from a clean slate and modifies it as needed rather than playing whack-a-mole with "sensitive" vars or features.
=> More informations about this toot | More toots from reto@pleroma.labrat.space