it_a_me@literature.cafe
on 30 Aug 2023 02:20
nextcollapse
Cool, but I’ll stick with opendoas
BitSound@lemmy.world
on 30 Aug 2023 03:07
nextcollapse
What advantages does that have over this?
it_a_me@literature.cafe
on 30 Aug 2023 06:31
collapse
Opendoas has a significantly smaller codebase. It only has 4397 lines of code compared to Sudo-rs’s staggering 35990 lines.
It has a very simple config file which can do everything I want in less than 6 words.
It is a soft fork of BSD’s doas package and receives frequent audits(something I find reassuring since it is a method to gain root access on my system.
I don’t want or need 99% of the features sudo provides so I appreciate the simplicity and lightness of opendoas
RunAwayFrog@sh.itjust.works
on 30 Aug 2023 18:48
collapse
Opendoas has a significantly smaller codebase. It only has 4397 lines of code compared to Sudo-rs’s staggering 35990 lines.
Hmm.
% tokei src | rg ' (Language|Total)'
Language Files Lines Code Comments Blanks
Total 76 16243 13468 682 2093
% tokei src test-framework | rg ' (Language|Total)'
Language Files Lines Code Comments Blanks
Total 196 34274 27742 1072 5460
% git grep '#\[cfg(test)\]' src |wc
40 44 1387
I too love making unaware “Tests Considered Harmful” arguments based on some blind analysis.
Funnily enough, one could easily do some actually potentially useful shallow analysis, instead of a completely blind one, simply by noticing the libc crate dependency, then running:
Ignoring the usage in test modules, use of raw libc appears to be more than you would think from the title. One can also argue that some of that usage would be better served by using rustix instead of raw libc.
Of course authors can counter with arguments why using rustix* is not feasible or would complicate things, and would argue that the use of unsafe+libc is required for this kind of project, and it’s still reasonably limited and contained.
And a little bit more informed back-and-forth discussion can go from there.
* Searching for rustix in the sudo-rs repo returned this. So this predictably has been brought up before.
it_a_me@literature.cafe
on 30 Aug 2023 19:06
collapse
I’m sorry but I don’t understand whatever argument you’re making. I did the line count on my phone via termux because I was in a rush, so i’m aware the counts may be inaccurate. I should have made that clear in my earlier reply.
I do, however, hold to the fact that any sudo implementation will be more complicated than doas. Sudo, as a project, has more options and usecases than doas so it also has more posibilities for bugs or misconfiguration for the user.
I’m unable to tell what codebase your are refering to with you’re grep arguments, sorry.
RunAwayFrog@sh.itjust.works
on 30 Aug 2023 19:13
collapse
I do, however, hold to the fact that any sudo implementation will be more complicated than doas. Sudo, as a project, has more options and usecases than doas so it also has more posibilities for bugs or misconfiguration for the user.
Fair.
I’m unable to tell what codebase your are refering to with you’re grep arguments, sorry.
sudo-rs
snaggen@programming.dev
on 30 Aug 2023 07:15
collapse
If that works for you and you are happy with it, fine. But sudo-rs seems to have a bit of a different usecase since it is intended as a drop in replacement for sudo, hence it must be able to handle the sudoers file aso. It still removes some of the never-used obscure functionality that sudo had, so it is probably a lot smaller code base than original sudo.
lysdexic@programming.dev
on 30 Aug 2023 13:09
collapse
But sudo-rs seems to have a bit of a different usecase since it is intended as a drop in replacement for sudo, hence it must be able to handle the sudoers file aso.
Other than being yet another “standard tool X clone written in Rust” project, does it actually provide any tangible value?
lysdexic@programming.dev
on 31 Aug 2023 17:15
collapse
Does it have to?
If you’re a developer looking for a pastime working on a personal project, no. You’re free to waste your time and effort doing anything that pleases you.
Everyone else in the world only bothers with something if it provides any value at all. If a project such as this one fails to provide any value them no one will have any reason to waste their time with it, no matter how many times you rewrite it in Rust.
lambda@programming.dev
on 01 Sep 2023 23:43
collapse
I’m with you. Potential memory safety is the benefit that people should care about. But, the original sudo has been around for so long that I imagine the memory safety is already pretty well hashed out. I believe that there are speed benefits to some of the random applications re-written in rust. But, I don’t see how something like sudo would have any benefit.
ck_@discuss.tchncs.de
on 31 Aug 2023 07:45
collapse
It might be a drop in replacement to sudo, but I would not use it as such for a while.
If you look at the bugs that sudo had over the years, only a fraction of them have been caused by unsafe memory operations. The majority has been caused be its own complexity and the complexity of the sudoers file. These problem classes are not going away by porting the tool over to Rust or any other language.
Since this is a rewrite, it will have its own security bugs that need to be found and fixed first.
So until sudo-rs has had a couple of years of people fixing security issues, I’d rather not adopt it.
Given that, I have a hard time imagining why someone would pour time and resources into a rewrite of sudo for years to come instead of working towards a simpler solution.
martijn@programming.dev
on 31 Aug 2023 08:38
collapse
threaded - newest
Cool, but I’ll stick with opendoas
What advantages does that have over this?
Opendoas has a significantly smaller codebase. It only has 4397 lines of code compared to Sudo-rs’s staggering 35990 lines.
It has a very simple config file which can do everything I want in less than 6 words.
It is a soft fork of BSD’s doas package and receives frequent audits(something I find reassuring since it is a method to gain root access on my system.
I don’t want or need 99% of the features sudo provides so I appreciate the simplicity and lightness of opendoas
Hmm.
% git grep '#\[cfg(test)\]' src |wc 40 44 1387I too love making unaware “Tests Considered Harmful” arguments based on some blind analysis.
Funnily enough, one could easily do some actually potentially useful shallow analysis, instead of a completely blind one, simply by noticing the
libccrate dependency, then running:Ignoring the usage in test modules, use of raw
libcappears to be more than you would think from the title. One can also argue that some of that usage would be better served by usingrustixinstead of rawlibc.Of course authors can counter with arguments why using
rustix* is not feasible or would complicate things, and would argue that the use of unsafe+libc is required for this kind of project, and it’s still reasonably limited and contained.And a little bit more informed back-and-forth discussion can go from there.
* Searching for rustix in the sudo-rs repo returned this. So this predictably has been brought up before.
I’m sorry but I don’t understand whatever argument you’re making. I did the line count on my phone via termux because I was in a rush, so i’m aware the counts may be inaccurate. I should have made that clear in my earlier reply.
I do, however, hold to the fact that any sudo implementation will be more complicated than doas. Sudo, as a project, has more options and usecases than doas so it also has more posibilities for bugs or misconfiguration for the user.
I’m unable to tell what codebase your are refering to with you’re grep arguments, sorry.
Fair.
sudo-rsIf that works for you and you are happy with it, fine. But sudo-rs seems to have a bit of a different usecase since it is intended as a drop in replacement for sudo, hence it must be able to handle the sudoers file aso. It still removes some of the never-used obscure functionality that sudo had, so it is probably a lot smaller code base than original sudo.
Other than being yet another “standard tool X clone written in Rust” project, does it actually provide any tangible value?
Does it have to?
If you’re a developer looking for a pastime working on a personal project, no. You’re free to waste your time and effort doing anything that pleases you.
Everyone else in the world only bothers with something if it provides any value at all. If a project such as this one fails to provide any value them no one will have any reason to waste their time with it, no matter how many times you rewrite it in Rust.
I’m with you. Potential memory safety is the benefit that people should care about. But, the original sudo has been around for so long that I imagine the memory safety is already pretty well hashed out. I believe that there are speed benefits to some of the random applications re-written in rust. But, I don’t see how something like sudo would have any benefit.
It might be a drop in replacement to
sudo, but I would not use it as such for a while. If you look at the bugs that sudo had over the years, only a fraction of them have been caused by unsafe memory operations. The majority has been caused be its own complexity and the complexity of thesudoersfile. These problem classes are not going away by porting the tool over to Rust or any other language. Since this is a rewrite, it will have its own security bugs that need to be found and fixed first. So untilsudo-rshas had a couple of years of people fixing security issues, I’d rather not adopt it.Given that, I have a hard time imagining why someone would pour time and resources into a rewrite of
sudofor years to come instead of working towards a simpler solution.There was a nice talk at RustNL from the creators about this: www.youtube.com/watch?v=o4vwJIO96Yo
Here is an alternative Piped link(s): piped.video/watch?v=o4vwJIO96Yo
Piped is a privacy-respecting open-source alternative frontend to YouTube.
I’m open-source, check me out at GitHub.