New package pleaser for Factory
Hello, I'd like to introduce the 'pleaser' project, a young alternative for sudo, written in Rust. This was reviewed by Matthias Gerstner (thank you!): <https://bugzilla.suse.com/show_bug.cgi?id=1183669> One of the interesting and positive remarks in the community was that the errors in the program were all business logic. I've prepared the package in Base:System/pleaser and propose to submit it to Factory. If helpful, here is a link to the upstream project page: <https://gitlab.com/edneville/please/> -- Best regards, Ed http://www.s5h.net/
On Sunday 2021-06-20 23:13, Ed Neville wrote:
I'd like to introduce the 'pleaser' project, a young alternative for sudo, written in Rust.
One of the interesting and positive remarks in the community was that the errors in the program were all business logic.
"Business logic" is the heart of a (business) program. For a program that wants to take on the same function and responsibilities of sudo, this is worrisome.
On 2021-06-21 00:22+0200, Jan Engelhardt wrote:
"Business logic" is the heart of a (business) program. For a program that wants to take on the same function and responsibilities of sudo, this is worrisome.
This is an interesting point. Had I written it in something not so memory safe, there would be have been memory issues to deal with in addition to the business logic. The business logic was all my own error, but I think the maintenance and associated risk required for a traditional memory unsafe language is quite a burden. Hence this is an alternative not a forced replacement, the user hopefully now would be able to decide which risks they want. I'm hoping please and pleaseedit already covers more than what sudo/doas covers. Ed
On Monday 2021-06-21 08:40, Ed Neville wrote:
On 2021-06-21 00:22+0200, Jan Engelhardt wrote:
"Business logic" is the heart of a (business) program. For a program that wants to take on the same function and responsibilities of sudo, this is worrisome.
Had I written it in something not so memory safe,
Memory safety/language choice wasn't the point. If the core logic is flawed, one loses, irrespective of language.
Hence this is an alternative not a forced replacement, the user hopefully now would be able to decide which risks they want.
I'm hoping please and pleaseedit already covers more than what sudo/doas covers.
So, more attack surface. I guess that's not the risk I would want.
On Mo, 2021-06-21 at 11:07 +0200, Jan Engelhardt wrote:
On Monday 2021-06-21 08:40, Ed Neville wrote:
On 2021-06-21 00:22+0200, Jan Engelhardt wrote:
"Business logic" is the heart of a (business) program. For a program that wants to take on the same function and responsibilities of sudo, this is worrisome.
Had I written it in something not so memory safe,
Memory safety/language choice wasn't the point. If the core logic is flawed, one loses, irrespective of language.
Hence this is an alternative not a forced replacement, the user hopefully now would be able to decide which risks they want.
I'm hoping please and pleaseedit already covers more than what sudo/doas covers.
So, more attack surface. I guess that's not the risk I would want.
I'll certainly not replace sudo with anything else either. I have much more desire for a polkit replacement than for a sudo. But let's give people the choice. @Ed, why don't you simply submit it to openSUSE:Factory? Martin
On Mon, Jun 21, 2021 at 6:07 AM Martin Wilck <martin.wilck@suse.com> wrote:
On Mo, 2021-06-21 at 11:07 +0200, Jan Engelhardt wrote:
On Monday 2021-06-21 08:40, Ed Neville wrote:
On 2021-06-21 00:22+0200, Jan Engelhardt wrote:
"Business logic" is the heart of a (business) program. For a program that wants to take on the same function and responsibilities of sudo, this is worrisome.
Had I written it in something not so memory safe,
Memory safety/language choice wasn't the point. If the core logic is flawed, one loses, irrespective of language.
Hence this is an alternative not a forced replacement, the user hopefully now would be able to decide which risks they want.
I'm hoping please and pleaseedit already covers more than what sudo/doas covers.
I welcome with open arms this movement to write base operating system components in languages that do not have the pitfalls of C.. However a replacement for sudo is IMHO not prioritary, I concur that something great to replace polkit is more urgently needed, Using Rust for that is probably too big of a hammer though..a language like Go that has a much lower entry barrier may attract more man power to make the thing sustainable. Having a wonderful language like Rust is just a part of the equation in this world, when push comes to shove you need the greatest number of developers and resources possible.
participants (4)
-
Cristian Rodríguez -
Ed Neville -
Jan Engelhardt -
Martin Wilck