There’s still nothing wrong with reimplementations. It’s like saying don’t build houses because you’ll have to make repairs.
I don’t think I’ve seen more vocal sponsors of any language except Rust. With the high barrier to entry and relatively greater developer effort, I am curious to see what place it occupies in over the long term.
Mozilla, where Rust was originally conceived, have already talked about this risk factor ages ago when they were still working on Servo. Reimplementing battle-tested software in a different language can result in logic bugs being introduced, which no programming language can really prevent. Many times they will actually reintroduce bugs that have already been historically fixed in the original implementation. This doesn’t invalidate the benefits of moving to a very memory safe language, it just needs to be taken into consideration when determining whether it’s worth the risk or the effort.
Honestly I have no idea whether sudo-rs is a good idea or not, but I have my doubts that any of the other people (especially the very vocal kind) chiming in on this do. Any time Rust is involved in the Linux community, a lot of vocal critics with very little knowledge of the language or programming in general seem to appear.
This is why its generally better to only write new code in more memory safe langs instead of rewriting everything
It’s a generally applicable lesson in why it’s NOT a good idea to change things for the sake of it though (chesterton’s fence, but where most of the actual bits of fence are invisible).
Contrary to popular belief, it is possible to write software in C that is very secure. It takes thought but C has the edge with its small footprint and system integration
Yea I mean it’s possible, but the sooner you bite the bullet and use a more modern language, the sooner you’ll get back to the same level of maturity and start having productivity dividends being paid out thanks to things like being able to get your compiler to prevent use after free bugs and the like.
Not sure how much sudo specifically needs this, maybe new commits are rare. As long as it stays out of LTS for the time being I’m all for it though.
Also not quite sure what you mean by “footprint”
Are you talking about the binary size or the fact that C has a tiny and straightforward language spec?
Contrary to popular belief, it is possible to write software in assembly that is very readable. It takes thought but assembly has the edge with its miniscule footprint and zero-dependency runtime.
I wouldn’t go that far
The problem with assembly is that it is almost impossible to optimize it as a human. Way back in the day instruction sets were written for humans but these days it is highly unlikely that you will be able to write assembly that can outperform a compiler. The reason primary has to do with pipelining and caching since modern CPUs are extremely complex.
in other news: software has bugs
Not my software.
No tests, no users, no bugs.
It’s not a bug, it’s in production so it’s a feature
see Ivan? Dead code cannot have bugs
The other day o spent a bunch of time carefully dissecting and then rewriting some code from the guy before me.
Turns out that code was never used, he just didn’t remove it or comment it out.
That was a good use of a couple hours.
One of the new devs spent a week refactoring some code that was removed from main the same day he checked out. We told him to focus on a specific set of scripts, but he wanted to go there extra mile. Poor soul
I’ve spent days on trivial mistakes so a couple of hours mean nothing to me
helloworld(“print”)
Ah, we have a senior developer here!
Admirable.
Me? No software, no bugs.
Canonical should really wake up and stop thinking that rewriting in rust is a magical way to remove bugs.
Sure the rust rewrite will surely be easier to maintain and less error prone (Assuming the code is idiomatic), but you can’t rewrite software maturity.
They should put it behind a checkbox instead of shoving it down anyone’s throat. They are literally testing in prod
But that is literally what the 25.10 is for, to test in prod. So that those bugs are fixed in the upcoming LTS
They really should not be testing it at all. It’s not even feature complete, let alone mature.
We have yet to see if they’ll stick to the Rust implementations for 26.04. If you’re running non-LTS Ubuntu in prod, that’s not on Canonical…
If we expect software like sudo to stick around for decades to come, a transition phase like this might very well be worth the investment.
IMO if you’re running Ubuntu at all in prod you already fucked up.
Real professionals use LFS, obvs
Fedora hasn’t really had this issue and it is on the edge.
It is probably more of an act of desperation to stay relevant
why try to recreate the bloat of sudo when doas exists?
run0
I am not one of those weird anti-systemD guys(ok, maybe a little bit) but run0 just feels weird to me. What is the usecase? why would I choose this over doas? what are we doing here?
Probably because things expect sudo to exist
alpine doesn’t have sudo. hell, neither does debian, by default
Yes and how many people daily-drive those?
doas mv /usr/bin/doas /usr/bin/sudo
Problem solved!
Inb4 the same bug also exists on the original
