Welcome to Friendica.Eskimo.Com

Home of Censorship Free Hosting

E-mail, Web Hosting, Linux Shell Accounts terminal or full remote desktops.

Leaflet via Linux

3 weeks ago

Leaflet
3 weeks ago

Adopting sudo-rs By Default in Ubuntu 25.10 | and status update on rust coreutils and rust PGP

cross-posted from: lemmy.world/post/29210689

Adopting sudo-rs By Default in Ubuntu 25.10

https://discourse.ubuntu.com/t/adopting-sudo-rs-by-default-in-ubuntu-25-10/60583

in reply to Leaflet

Wrong move. To make sudo more secure, you should instead ditch 90% of the features intended for server which nobody on desktop uses. 150 lines of C code is enough to provide sudo-like functionality on desktop.

This entry was edited (3 weeks ago)

in reply to MonkderVierte

zygo_histo_morpheus

in reply to MonkderVierte 3 weeks ago

They are open to drop some features apparently, but maybe not "90%"

The developers are taking a “less is more” approach. This means that some features of the original sudo may not be reimplemented if they serve only niche, or more recently considered “outdated” practices.

This entry was edited (3 weeks ago)

in reply to Leaflet

kixik

in reply to Leaflet 3 weeks ago

A way smaller alternative therefore less prompt to vulnerabilities is OpenDoas found on Arch/Artix/... and other distros. From the GH project:

doas is a minimal replacement for the venerable sudo. It was initially written by Ted Unangst of the OpenBSD project to provide 95% of the features of sudo with a fraction of the codebase.

GitHub - Duncaen/OpenDoas: A portable fork of the OpenBSD `doas` command

A portable fork of the OpenBSD `doas` command. Contribute to Duncaen/OpenDoas development by creating an account on GitHub.

^GitHub

This entry was edited (3 weeks ago)

in reply to Leaflet

Nanook

in reply to Leaflet 3 weeks ago

Take all the power away from the end user and give it all to Poettering, NO FUCKING THANKS.

in reply to Nanook

FooBarrington

in reply to Nanook 3 weeks ago

sudo-rs doesn't have anything to do with run0. Please take your pills grandpa, we're worried about you.

Edit: in case you're actually an older person, the latter part wasn't meant as a swipe (just saw your pfp). In that case, sorry!

This entry was edited (3 weeks ago)

in reply to FooBarrington

Nanook

in reply to FooBarrington 3 weeks ago

@FooBarrington What you are advocating is taking power away from the user. Go install WIndows 11 if this is what you want punk.

in reply to Nanook

FauxLiving

in reply to Nanook 3 weeks ago

Go install WIndows 11 if this is what you want punk.

Don't install Ubuntu 25.10 if this isn't what you want. Using Ubuntu means accepting that they're going to make a lot of decisions about your system. The whole point of these large pre-configured Linux distros is that they make all of the decisions for you.

If you want more control than that try installing one of the other distros that allow you to choose the software you want.

Installation guide - ArchWiki

^{wiki.archlinux.org}

in reply to FauxLiving

Nanook

in reply to FauxLiving 3 weeks ago

@FauxLiving I've been using Ubuntu for about 14 years and in the past they've been at least somewhat interested in user input. I hope "don't become another fucking Microsoft" is a message that Canonical gets.

in reply to Nanook

FooBarrington

in reply to Nanook 3 weeks ago

What? No I'm not. Using a memory-safe implementation of sudo doesn't take any power away from the user, how does that make sense?

in reply to FooBarrington

Nanook

in reply to FooBarrington 3 weeks ago

@FooBarrington You didn't just specify memory safe, you advocated stripping away a number of features. Yes memory safe anything is a good idea and I've got no objection to the use of rust, I think it's a good language, one of the few worthwhile efforts to emerge in recent years, but if it is going go be re-implemented, do so fully. Yes, anything that runs with privileges should be memory safe else it's open to attack and Rust certainly makes that more possible, I am just concerned about the limiting feature set aspect. I'm not in favor of protecting users from themselves, I don't want a car that is capable of reading speed limit signs and prevents me from exceeding them even if doing so might be unsafe or illegal, that not the car manufacturers job to be come an arm of the government, likewise I don't want Linux protecting me from myself, I already address potentials with regular backups, etc.

in reply to Nanook

Matt

in reply to Nanook 2 weeks ago

Less is more.

in reply to Matt

Nanook

in reply to Matt 2 days ago

@Matt Sorry if freedom is not important to you but perhaps that's why you're on lamey.

in reply to Nanook

beleza pura

in reply to Nanook 3 weeks ago

chill

in reply to Leaflet

Mactan

in reply to Leaflet 3 weeks ago (Received 2 days ago)

what's the license on sudo-rs, is it MIT like uutils?

in reply to Mactan

Ephera

in reply to Mactan 3 weeks ago (Received 2 days ago)

Seems like it's Apache-2.0, but original sudo is under ISC license, which is more permissive as far as I'm aware. Although Apache-2.0 is very much still considered "permissive", too.

in reply to Ephera

☂️-

in reply to Ephera 3 weeks ago (Received 2 days ago)

This entry was edited (2 days ago)

⇧

Welcome to Friendica.Eskimo.Com

Home of Censorship Free Hosting

Leaflet via Linux

Leaflet 3 weeks ago • •

Leaflet
3 weeks ago