The real problem is not Rust, or that somebody decided to rewrite sudo in Rust. These are both good things.
The actual real problem is that Ubuntu adopts these in their mainline distribution when the release version is 0.something. I mean sure, this will get the worst bugs noticed and fixed sooner but come on. Have a little empathy for your dumb users. They didn’t choose to be that way.
I would argue a rewrite of sudo in rust is not necessarily a good thing.
Sure, if you are starting from scratch, Rust is likely to mitigate mistakes that C would make into vulnerabilities.
When you rewrite anything, there’s just a lot of various sorts of risks. For sudo and coreutils, I’m skeptical that there are sufficient unknown, unaddressed problems in the C codebases of such long lived, extremely scrutinized projects to be worth the risks of a rewrite.
A rust rewrite may be indicated for projects that are less well scrutinized due to no one bothering or not being that old anyway. Just the coreutils and sudo are in my mind the prime examples of bad ideas of rewrite just for the sake of rust rewrite.
I think the people doing the rewrites genuinely believe it will be an improvement, and they could be correct. I get the instinct to “don’t fix what ain’t broken”, but that is what staging is for. There is no need to make sacred cows, and this seems like a perfect opportunity to improve security and integration testing as well.
Canonical wouldn’t have anything to do if they didn’t push software prematurely without testing it properly or making sure anyone actually wants it. See also:
Mir
Snap
Core utils in Rust
Netplan
Their shitty installer
CloudInit
Sometimes, their stuff end up getting popular and sometimes even usable. Most of the time though…
The real problem is not Rust, or that somebody decided to rewrite sudo in Rust. These are both good things.
The actual real problem is that Ubuntu adopts these in their mainline distribution when the release version is 0.something. I mean sure, this will get the worst bugs noticed and fixed sooner but come on. Have a little empathy for your dumb users. They didn’t choose to be that way.
I would argue a rewrite of sudo in rust is not necessarily a good thing.
Sure, if you are starting from scratch, Rust is likely to mitigate mistakes that C would make into vulnerabilities.
When you rewrite anything, there’s just a lot of various sorts of risks. For sudo and coreutils, I’m skeptical that there are sufficient unknown, unaddressed problems in the C codebases of such long lived, extremely scrutinized projects to be worth the risks of a rewrite.
A rust rewrite may be indicated for projects that are less well scrutinized due to no one bothering or not being that old anyway. Just the coreutils and sudo are in my mind the prime examples of bad ideas of rewrite just for the sake of rust rewrite.
I think the people doing the rewrites genuinely believe it will be an improvement, and they could be correct. I get the instinct to “don’t fix what ain’t broken”, but that is what staging is for. There is no need to make sacred cows, and this seems like a perfect opportunity to improve security and integration testing as well.
Canonical wouldn’t have anything to do if they didn’t push software prematurely without testing it properly or making sure anyone actually wants it. See also:
Sometimes, their stuff end up getting popular and sometimes even usable. Most of the time though…