Canonical should really wake up and stop thinking that rewriting in rust is a magical way to remove bugs.
Sure the rust rewrite will surely be easier to maintain and less error prone (Assuming the code is idiomatic), but you can’t rewrite software maturity.
They should put it behind a checkbox instead of shoving it down anyone’s throat. They are literally testing in prod
I take it you’ve never done any serious software development.
No matter how much they try, the in-house testing environment will never be as diverse as the “wild”. Running the software in production, where it will encounter a vastly greater range of system configurations, and users who will report issues, is often the only way to catch the more elusive bugs. Like xz. And let me point it out because people seem to have completely missed it: they caught the bug and fixed it.
Oh dear god I think you are joking but I know people who seriously do LFS as their production setup and get pissy anytime people say they are doing it wrong if they want to work with anyone else in the industry.
Canonical should really wake up and stop thinking that rewriting in rust is a magical way to remove bugs.
Sure the rust rewrite will surely be easier to maintain and less error prone (Assuming the code is idiomatic), but you can’t rewrite software maturity.
They should put it behind a checkbox instead of shoving it down anyone’s throat. They are literally testing in prod
Yes, because normal sudo never had bugs…
One of the vulnerabilities has remained unnoticed for over 12 years.
By software maturity you mean that the bugs are hitting puberty?
But that is literally what the 25.10 is for, to test in prod. So that those bugs are fixed in the upcoming LTS
They really should not be testing it at all. It’s not even feature complete, let alone mature.
I take it you’ve never done any serious software development.
No matter how much they try, the in-house testing environment will never be as diverse as the “wild”. Running the software in production, where it will encounter a vastly greater range of system configurations, and users who will report issues, is often the only way to catch the more elusive bugs. Like xz. And let me point it out because people seem to have completely missed it: they caught the bug and fixed it.
I’m not saying it should not be tested, I’m saying Ubuntu should not be testing it.
We have yet to see if they’ll stick to the Rust implementations for 26.04. If you’re running non-LTS Ubuntu in prod, that’s not on Canonical…
If we expect software like sudo to stick around for decades to come, a transition phase like this might very well be worth the investment.
IMO if you’re running Ubuntu at all in prod you already fucked up.
Real professionals use LFS, obvs
Oh dear god I think you are joking but I know people who seriously do LFS as their production setup and get pissy anytime people say they are doing it wrong if they want to work with anyone else in the industry.
Fedora hasn’t really had this issue and it is on the edge.
It is probably more of an act of desperation to stay relevant