I would argue a rewrite of sudo in rust is not necessarily a good thing.
Sure, if you are starting from scratch, Rust is likely to mitigate mistakes that C would make into vulnerabilities.
When you rewrite anything, there’s just a lot of various sorts of risks. For sudo and coreutils, I’m skeptical that there are sufficient unknown, unaddressed problems in the C codebases of such long lived, extremely scrutinized projects to be worth the risks of a rewrite.
A rust rewrite may be indicated for projects that are less well scrutinized due to no one bothering or not being that old anyway. Just the coreutils and sudo are in my mind the prime examples of bad ideas of rewrite just for the sake of rust rewrite.
I think the people doing the rewrites genuinely believe it will be an improvement, and they could be correct. I get the instinct to “don’t fix what ain’t broken”, but that is what staging is for. There is no need to make sacred cows, and this seems like a perfect opportunity to improve security and integration testing as well.
I would argue a rewrite of sudo in rust is not necessarily a good thing.
Sure, if you are starting from scratch, Rust is likely to mitigate mistakes that C would make into vulnerabilities.
When you rewrite anything, there’s just a lot of various sorts of risks. For sudo and coreutils, I’m skeptical that there are sufficient unknown, unaddressed problems in the C codebases of such long lived, extremely scrutinized projects to be worth the risks of a rewrite.
A rust rewrite may be indicated for projects that are less well scrutinized due to no one bothering or not being that old anyway. Just the coreutils and sudo are in my mind the prime examples of bad ideas of rewrite just for the sake of rust rewrite.
I think the people doing the rewrites genuinely believe it will be an improvement, and they could be correct. I get the instinct to “don’t fix what ain’t broken”, but that is what staging is for. There is no need to make sacred cows, and this seems like a perfect opportunity to improve security and integration testing as well.