Linux

8312 readers

379 users here now

A community for everything relating to the GNU/Linux operating system (except the memes!)

Also, check out:

Original icon base courtesy of lewing@isc.tamu.edu and The GIMP

founded 2 years ago

MODERATORS

Ategon@programming.dev

anzo@programming.dev

dwraf_of_ignorance@programming.dev

Bugs Found in sudo (www.linux-magazine.com)

submitted 1 day ago by schnurrito@discuss.tchncs.de to c/linux@programming.dev

8 comments fedilink hide all child comments

top 8 comments

sorted by: hot top controversial new old

[–] elmicha@feddit.org 23 points 1 day ago

In case anyone wonders: these are the same bugs reported (and fixed) last week, not new ones.

[–] a_person@lemmy.world 10 points 1 day ago* (last edited 1 day ago)

Damn, a cvss score of 9.3 is wild

[–] syd@lemy.lol 5 points 1 day ago (3 children)

So ‘sudo-rs’ guys were right?

[–] 0x0@lemmy.zip 21 points 1 day ago* (last edited 23 hours ago) (1 children)

The vulnerability in question would've still happened if written in rust, it was not a memory leak.
More an instance of feature creep, as the solution was to remove the functionality.

[–] Comexs@lemmy.zip 1 points 17 hours ago (1 children)

Would something like 'doas' have the same issue?

[–] 0x0@lemmy.zip 1 points 14 hours ago

I don't believe so and it has been suggested as an alternative.

[–] e8d79@discuss.tchncs.de 3 points 16 hours ago

I would rather go with a completely new approach like the one of run0.

[–] DmMacniel@feddit.org 2 points 15 hours ago

Rusty Bois are never right!