Linux

8360 readers

449 users here now

A community for everything relating to the GNU/Linux operating system (except the memes!)

Also, check out:

Original icon base courtesy of [email protected] and The GIMP

founded 2 years ago

MODERATORS

[email protected]

Bugs Found in sudo (www.linux-magazine.com)

submitted 2 days ago by [email protected] to c/[email protected]

8 comments fedilink hide all child comments

top 8 comments

sorted by: hot top controversial new old

[–] [email protected] 25 points 2 days ago

In case anyone wonders: these are the same bugs reported (and fixed) last week, not new ones.

[–] [email protected] 5 points 2 days ago (3 children)

So ‘sudo-rs’ guys were right?

[–] [email protected] 1 points 2 days ago

Rusty Bois are never right!

[–] [email protected] 4 points 2 days ago

I would rather go with a completely new approach like the one of run0.

[–] [email protected] 21 points 2 days ago* (last edited 2 days ago) (1 children)

The vulnerability in question would've still happened if written in rust, it was not a memory leak.
More an instance of feature creep, as the solution was to remove the functionality.

[–] [email protected] 1 points 2 days ago (1 children)

Would something like 'doas' have the same issue?

[–] [email protected] 1 points 2 days ago

I don't believe so and it has been suggested as an alternative.

[–] [email protected] 10 points 2 days ago* (last edited 2 days ago)

Damn, a cvss score of 9.3 is wild