One great way you can make things more secure is by reducing attack surface. sudo is huge and old, and has tons of functionality that almost no one uses (like --chroot). A from-scratch rewrite with a focus on the 5% of features that 99% of users use means less code to test and audit. Also a newer codebase that hasn't grown and mutated over the course of 35 years is going to be a lot more focused and easier to reason about.
danudey|4 months ago
1718627440|4 months ago
This is a take I never understood. I get being huge, but old? Software doesn't age, when it is older it tends to have less bugs, not more.
gilcot|4 months ago
tcfhgj|4 months ago