undefined | Better HN

0 pointsch_12310mo ago0 comments

> Some problems come from the huge amount of features(ldap, easter eggs, ...). sudo-rs reduces the problems by not implementing those features.

This makes me wonder:

1) Would a hypothetical "sudo-lite" with these features removed lead to better security without a rewrite?

2) If these features are useful in the real world, will a Rust rewrite of sudo inevitably gain these features over time and end up with similar problems?

0 comments

throw0101a10mo ago

> 1) Would a hypothetical "sudo-lite" with these features removed lead to better security without a rewrite?

OpenBSD did this with their doas utility:

* https://en.wikipedia.org/wiki/Doas

Dylan1680710mo ago

"without a rewrite" means cutting down the existing code. A completely different program goes into the same category as "rewrite".

0cf8612b2e1e10mo ago

doas is 500 lines of C. Two orders is magnitude less than sudo yet still covers the core functionality. Sure you could grandfather”s axe your way into the final product, but difficult to see how a a hypothetical code base 1% of the original counted as anything but a rewrite.

1 more reply

steveklabnik10mo ago

2. While a feature may be useful, the question is how useful, and to how many people. sudo-rs is removing features that aren't used very much, if at all, and doesn't plan to add them, to combat this. Those users can still use the original sudo.

literalAardvark10mo ago

It can't end up with similar problems, due to the memory safety guarantee.

That's not to say that it won't create other ones.

ch_123OP10mo ago

There are many types of security problems beyond memory safety issues.

j / k navigate · click thread line to collapse