Introduction Following on from Carefully But Purposefully Oxidising Ubuntu, Ubuntu will be the first major Linux distribution to adopt sudo-rs as the default implementation of sudo, in partnership with the Trifecta Tech Foundation The change will be effective from the release of Ubuntu 25.10. You can see the Trifecta Tech Foundation’s announcement here. What is sudo-rs? sudo-rs is a reimplementation of the traditional sudo tool, written in Rust. It’s being developed by the Trifecta Tech Founda...
  • abobla@lemm.ee
    371·
    17 hours ago

    This comment seems interesting, it was first question that popped into my head:

    • atzanteol@sh.itjust.worksEnglish
      191·
      13 hours ago

      That is… A big claim. Yeah, rust minimizes or removes some categories of vulnerabilities. This is true. BUT sudo has been well tested over decades.

      • Clusterfck@lemmy.sdf.org
        3·
        2 hours ago

        I’ll be the first to admit to not paying much attention to Linux vulnerabilities, but I agree, I feel like a vulnerability in a package like sudo would have been huge news.

  • Daniel Quinn@lemmy.caEnglish
    104·
    16 hours ago

    Is it GPL though? If this is a case of MIT-licensed stuff weaseling its way into Linux core utils, I’m not interested.

      • Daniel Quinn@lemmy.caEnglish
        5·
        9 hours ago

        This is what I had for posting at 1am. Thanks for the clarification. Yeah I just assumed it was the same situation as coreutils.

    • mogoh@lemmy.ml
      3·
      16 hours ago

      Where is the problem when something mit-licensed is in core utils?

      Edit: sudo isn’t even a core util.

      • Daniel Quinn@lemmy.caEnglish
        182·
        15 hours ago

        Granted, sudo isn’t in coreutils, but it’s sufficiently standard that I’d argue that the licence is very relevant to the wider Linux community.

        Anyway, I answered this at length the last time this subject came up here, but the TL;DR is that private companies (like Canonical, who owns Ubuntu) love the MIT license because it allows them to take the code and make proprietary versions of it without having to release the source code. Consider the implications of a sudo binary that’s Built For Ubuntu™ with closed-source proprietary hooks into Canonical’s cloud auth provider. It’s death by a thousand MIT-licensed cuts to our once Free operating system.

        • serenissi@lemmy.world
          22·
          3 hours ago

          What’s the problem with it? These MIT programs already exists. Anyone can make proprietary version. Including in Ubuntu doesn’t change that.

          Also your example is pointless. Canonical would rather make a proprietary pam module instead of a custom internal fork of sudo-rs.