Introduction Following on from Carefully But Purposefully Oxidising Ubuntu, Ubuntu will be the first major Linux distribution to adopt sudo-rs as the default implementation of sudo, in partnership with the Trifecta Tech Foundation The change will be effective from the release of Ubuntu 25.10. You can see the Trifecta Tech Foundation’s announcement here. What is sudo-rs? sudo-rs is a reimplementation of the traditional sudo tool, written in Rust. It’s being developed by the Trifecta Tech Founda...
  • @abobla@lemm.ee
    4830 days ago

    This comment seems interesting, it was first question that popped into my head:

    • @atzanteol@sh.itjust.worksEnglish
      2330 days ago

      That is… A big claim. Yeah, rust minimizes or removes some categories of vulnerabilities. This is true. BUT sudo has been well tested over decades.

      • @Clusterfck@lemmy.sdf.org
        529 days ago

        I’ll be the first to admit to not paying much attention to Linux vulnerabilities, but I agree, I feel like a vulnerability in a package like sudo would have been huge news.

  • Daniel Quinn
    English
    1130 days ago

    Is it GPL though? If this is a case of MIT-licensed stuff weaseling its way into Linux core utils, I’m not interested.

      • Daniel Quinn
        English
        628 days ago

        This is what I get for posting at 1am. Thanks for the clarification. Yeah I just assumed it was the same situation as coreutils.

    • @mogoh@lemmy.ml
      330 days ago

      Where is the problem when something mit-licensed is in core utils?

      Edit: sudo isn’t even a core util.

      • Daniel Quinn
        English
        2730 days ago

        Granted, sudo isn’t in coreutils, but it’s sufficiently standard that I’d argue that the licence is very relevant to the wider Linux community.

        Anyway, I answered this at length the last time this subject came up here, but the TL;DR is that private companies (like Canonical, who owns Ubuntu) love the MIT license because it allows them to take the code and make proprietary versions of it without having to release the source code. Consider the implications of a sudo binary that’s Built For Ubuntu™ with closed-source proprietary hooks into Canonical’s cloud auth provider. It’s death by a thousand MIT-licensed cuts to our once Free operating system.

        • @serenissi@lemmy.world
          -429 days ago

          What’s the problem with it? These MIT programs already exists. Anyone can make proprietary version. Including in Ubuntu doesn’t change that.

          Also your example is pointless. Canonical would rather make a proprietary pam module instead of a custom internal fork of sudo-rs.

  • Read BioEnglish
    228 days ago

    I wonder the performance compared to regular sudo

    • spv.sh
      428 days ago

      rust compiles to native code, so barring some horrific implementation issues, i’d bet my money on it being roughly equivalent.