this post was submitted on 13 Jun 2025
69 points (97.3% liked)

Rust

7140 readers
1 users here now

Welcome to the Rust community! This is a place to discuss about the Rust programming language.

Wormhole

[email protected]

Credits

  • The icon is a modified version of the official rust logo (changing the colors to a gradient and black background)

founded 2 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
69
Ubuntu 25.10 Switches to Rust-based Sudo (www.omgubuntu.co.uk)
submitted 3 weeks ago by [email protected] to c/[email protected]
31 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 3 points 3 weeks ago (12 children)

What issue do people have with the sudo-rs license? Its Free and Open Source. I think its more like people having an issue with the language Rust and just search excuses to be mad at.

[–] [email protected] 5 points 3 weeks ago (11 children)

The concern is that if lots of softwares get rewritten and some of those softwares switch from a copyleft license to a permissive license, then things might stop being open-source sooner or later, because companies are not anymore forced to open-source.

Yes, in the case of sudo-rs, this concern is silly. But for example, the uutils coreutils are under MIT license, when the GNU coreutils were under GPL-3.0.

[–] [email protected] 1 points 3 weeks ago (8 children)

I don't see a problem. If someone forks it and changes the license to some proprietary, then their fork is proprietary. The original software is still Open Source. People act like as if the original license changed.

[–] [email protected] 5 points 3 weeks ago

The issue is big companies.
Google/Amazon/Microsoft can now fork sudo-rs and not have to upstream their changes.
So then Google fixes an exploit for their sudo-rs implementation (or whatever software) and patch it under a different licence. Now the upstream, Amazon and Microsoft forks don't know if that exploit is also in their implementation, is related to their implementation, or how to potentially fix it.

The only way it works is if sudo-rs is implementing new features in a way that it benefits Google/Amazon/Microsoft to contribute back to upstream so they don't have to keep merging/fixing their exploit code.

For something as stable as sudo, it actually benefits Google/Microsoft/Amazon NOT to share their changes.
If they are rolling and recommending their own distros (which I'm sure they already are) that include their forked changes, then they can say that their software is more secure than other brands. It benefits them for their competition to suffer security breaches, especially if they trace back to these kinda changes.

Which makes everything worse for everyone.

load more comments (7 replies)
load more comments (9 replies)
load more comments (9 replies)