Post B0Dgixdec9LF0bUvQm by louis@social.louis-vallat.dev
(DIR) More posts by louis@social.louis-vallat.dev
(DIR) Post #B0DUffdJu1PWqb0RPs by elfin@mstdn.social
2025-11-13T22:13:16Z
0 likes, 0 repeats
Do we really need to rewrite sudo in Rust?DO WE FUCKING *REALLY*?!?No, we fucking Do Not.https://www.theregister.com/2025/11/13/ubuntu_rust_sudo_hole/
(DIR) Post #B0DUfhKbaZd478GWWW by louis@social.louis-vallat.dev
2025-11-13T22:27:56.098Z
0 likes, 0 repeats
@elfin@mstdn.socialDo "we" need to? noIs it a good thing? yes (imho)Canonical is doing Canonical things, as per usual, and I'm far more irritated about them shoving snap down my throat while making it difficult to swap to standalone packages than them pushing for sudo-rs.Oh and I agree with the fact that Ubuntu versions that are not LTS are just a beta-test for the LTS versions :change_my_mind:
(DIR) Post #B0DYAmR0xqrGmVmBai by elfin@mstdn.social
2025-11-13T22:41:05Z
0 likes, 0 repeats
@louis Snap is stupid and I'm tired of that too.I refuse to install *buntu.10 ... it's always junk.But suso isn't a toy, it's a very important tool and I've no problems writing something for the sake of writing something ... but sudo is *right there*...and it's a Critical Security Tool (that has plenty of problems of it's own already).Also, as a SysAdmin, sudo-rs is an additional three characters for me to type two hundred times a day and I ain't got time for that shit.
(DIR) Post #B0DYAnGlrQG5N1zWGO by louis@social.louis-vallat.dev
2025-11-13T23:06:05.682Z
0 likes, 0 repeats
@elfin@mstdn.social although I do agree that sudo isn't a toy, I truly think that this rewrite is getting an unfair treatment, where the smallest issue is shown as if it was a "gotcha" moment.Since Ubuntu replaced their sudo package, I've seen way more people scream and share the kind of articles that you shared, which either talk about low to medium impact issues or plain logic bugs (at least from what I've read), while the good-old-40-years-old sudo is still having high and critical privilege-escalation and access-control bypass vulns, which (from my point of view, so to be taken with a grain of salt of course) have been way less publicized or shared around.Personally, I'm really impressed that we don't hear more issues from the rewrite, as it's supposed to be a drop-in replacement for the old one, supporting the same config and the same CLI flags. And Ubuntu adopted it. And it works. Granted it's not perfect, of course, nothing is, but damn I'm impressed nonetheless.And for the security aspect, sudo-rs has already been audited twice, in 2023 and in 2025, and I guess it'll continue to be under heavy scrutiny moving forward, which a more modern code-base written using a memory-safe language greatly helps to achieve.(as a side-note, sudo-rs uses the same sudo program name, so you don't have to add the three letters anywhere, you can just swap the old one for the rewrite with your package manager and... well, that's it really)
(DIR) Post #B0DbfDheRgV7u1lS2y by elfin@mstdn.social
2025-11-13T23:44:15Z
1 likes, 0 repeats
@louis Oh, I don't care about a bug in something new...that's just The Job. That's how software development works.An sudo itself, as you point out, has given some heartburn.But here, why not write it in Python? (Don't, that would also piss me off).I just don't think we need a Rust version of SUDO *specifically*.I'm generally good with putting down old dogs (see sendmail).And for the record, Cannonical is very much pissing me off with some of its choices.
(DIR) Post #B0DgdZlvvDVVXYnoxs by louis@social.louis-vallat.dev
2025-11-14T00:40:52.720Z
0 likes, 0 repeats
@elfin@mstdn.social Why not write it in Python?Sudo in Python would be one hell of a project :neocat_nervous:But in all seriousness though, Rust is a (very) good pick for that kind of rewrite: it is a compiled language (so no need for an interpreter), memory-safe (and without a garbage collector), very performant (as long as you don't write garbage code with it of course), you can do low-level and high-level stuff, with a modern tool-chain, a good development experience, a very good and strict compiler, a flourishing community of developers (so it's easier to find volunteers) and librairies, etc. That's exactly what a modern sudo and su rewrite would need.No wonder why it's being adopted and used in projects like Firefox or the Linux kernel of all projects. :neocat_sip_nervous:And as a sidenote, I'm not saying other languages are irrelevant or useless, that would be a very stupid take. A programming language is a tool, some needs are better suited for Python, some for Java, others for Zig, and then there's Haskell (joking, joking, I love you, Haskell programmers).
(DIR) Post #B0Dgixdec9LF0bUvQm by louis@social.louis-vallat.dev
2025-11-14T00:43:01.442Z
0 likes, 0 repeats
@elfin@mstdn.social Why not write it in Python?Sudo in Python would be one hell of a project :neocat_nervous:But in all seriousness though, Rust is a (very) good pick for that kind of rewrite: it is a compiled language (so no need for an interpreter), memory-safe (and without a garbage collector), very performant (as long as you don't write garbage code with it of course), you can do low-level and high-level stuff, with a modern tool-chain, a good development experience, a very good and strict compiler, a flourishing community of developers (so it's easier to find volunteers) and librairies, etc. That's exactly what a modern sudo and su rewrite needed.No wonder why it's being adopted and used in projects like Firefox or the Linux kernel of all projects. :neocat_sip_nervous:And as a sidenote, I'm not saying other languages are irrelevant or useless, that would be a very stupid take. A programming language is a tool, some needs are better suited for Python, some for Java, others for Zig, and then there's Haskell (joking, joking, I love you, Haskell programmers).
(DIR) Post #B0FMUHCbz6uKZeUOlE by elfin@mstdn.social
2025-11-14T00:46:14Z
1 likes, 0 repeats
@louis What's the joke?"Python is the second best language for any solution." ?
(DIR) Post #B0FMaBIGrkuBzBx5Oa by louis@social.louis-vallat.dev
2025-11-14T20:05:33.805Z
0 likes, 0 repeats
@elfin@mstdn.social well, in that specific case, I believe that Python wouldn't be a good fit from a technical standpoint :neocat_think:First of all, it's an interpreted language, so you'd either need to package the interpreter in the binary and decompress it each time you'd need to run sudo, or you'd need to ship it with every distro that'd want to use it. If you go with the latter, you'd need to worry about compatibility, and and to worry about this new attack vector that'd be way more difficult to audit and patch for all distros, or even the fact that, lately, python has had some major compatibility issues.Then, sudo needs to be somewhat low level, which Python isn't. You may technically be able to do some low-level programming in Python, but that'd require bending the programming language pretty far (and I'm not even mentioning the performance costs of doing so), while people write kernel drivers in Rust.These are just two examples and I'm not saying that Python is a bad language, far from that, but for this specific project, I believe there are far better options, Rust being definitely one of them :neocat_approve:
(DIR) Post #B0FQUDaBqHXdAFkHgG by elfin@mstdn.social
2025-11-14T20:22:20Z
1 likes, 0 repeats
@louis Ok, you seem to miss my sarcasm.
(DIR) Post #B0FQUEvUqYB9KcioWu by louis@social.louis-vallat.dev
2025-11-14T20:50:27.963Z
0 likes, 0 repeats
@elfin@mstdn.social yes indeed :bleh: