Multiple Vulnerabilities Found in Rust Sudo Clone in Ubuntu

The Lunduke Journal
100K subscribers
6,173 views 6 hours ago Linux & Whatnot
Ubuntu is now shipping with Rust based replacements of core utilities (sudo, date, du, etc.). And the steady stream of bugs, missing functionality, and security vulnerabilities continues. More from The Lunduke Journal: ...more
...more
Thank god the vulnerabilities are memory safe though!
349
I genuinely believe all this "rewrite everything in rust" agenda is intelligence agencies trying to get vulnerabilities into Linux.
110
Oh look, it's exactly the thing that everyone said was going to happen when you rewrite a widely used and battle-tested piece of security software from scratch. Who'd'a thunk it.
144
> Is called Rust. > Breaks machines. > Pottery.
95
Let's replace the most battle tested software of all time and replace it for blue sky clout.
221
That's the point: they're a bunch of slackers. They don't want to create new software; instead, they wish to spend the next 20 years rewriting software that has already been created and fixing new vulnerabilities.
89
When you're so woke you break something that worked perfectly fine before.
74
So ”rust free” is another badge to look for!
80
This is the madness that happens when a stable distro decides to rush a 0.x.x alpha/beta core package suite into the distro base long before that core package suite reaches its own stable 1.0.0 git branch.
30
If you wanted to kill trust in linux this is a good first step.
59
But atleast its memory safe 😂🤣😂🤣😂🤣😂
75
This is not even the worst problem... All this rust tools are not using copyleft terms line GNU,GPL At any time in the future the owners or companies can close the source code...
16
Rust is a sect
31
Remember they're memory safe vulnerabilities 😂
9
I hate using the term "observably stupid" on too many demographics but I might have to start using it to describe rust fanatics.
17
Aside from being simply not needed. the thing that baffles me most about these rust sudo/etc replacements is, the distros had an entire decades-long checklist of bug fixes and security patches to compare against. These drop-ins could have very easily been a fork until automated testing against each of those vulnerabilities demonstrates hardening. Then you make the switch on an as-complete basis. Doing it that way would have made the flip essentially invisible to consumers, instead of this hot mess the distros have created for themselves for no particular gain.
6
This rust thing has gotten way out of hand.
56
Cat ears can't code
30
Debian: Move fast and break things.
28
Wait WHAT??? I thought vulnerabilities where almost IMPOSSIBLE due to MEMORY SAFETY!!! God, turns out bad code, IS STILL BAD CODE. And no language will save you!
33
I thought Arch was the risky distro and Ubuntu stable one
94
It's an inside job from Microsoft infiltrators to discourage masses from switching away from Windows 11. The timing is too convenient... Probably.
40
The ramming of Rust into everything is driving me crazy. What distros are actively avoiding the spread of Rust?
51
Im convinced that this is intentional to make linux based infiltration easier by the alphabet
40
The Rust-bros: Going to a battle-hardened steeled system and rusting it away.
5
any correlation between rust code stability and the mental stability of its cult promoters?
26
Wow, Rusted sudo has now the feature of privilege escalation and also password revelation. Handy in case you forget your root password. It is not a bug. It is a feature!
8
This aged like metal in humidity
3
They call it Rust. I call it Cancer.
11
Looks like a certain someone was right!
30
To be fair, it was my generation who wanted to replace COBOL programs with C++. But we lost that argument back then, and this is why COBOL programmers are still desired. It works and is stable. Now if there was anyone who knew how to program it. And this is why C++ will still be around long after I'm dead. It's just so ubiquitous at this point in time. Replacement languages really require new software, not just rewrites. A new OS to replace Linux, Windows, MacOS, etc. Because for the current operating systems, why would you want to break everything?
12
Ubuntu glows hard
9
You are loving this haha
37
these vulnerabilities were only found so late, because rust is so new it is literally security by obscurity and they didnt even do THAT right
4
Anyone who thinks that there's a silver bullet language is wrong.
13
This happens to your distro when you don't know what "battle-tested" means.
2
I never thought the "Idiocracy" movie would be a prophecy, but here we are
1
As usual: some power hungry people with skill issues found a new kind of snake oil.
2
Who would have thought software written by teenaged furries would be broken?
135
NSA and others "corpo sponsors" of open source are happy, destroying open source and putting back doors in it. Who is a sponsor of RUST? NSA... If you have a back door in sudo, can you control a system? Just asking..
7