this post was submitted on 21 Jan 2024
779 points (93.3% liked)
Programmer Humor
32479 readers
687 users here now
Post funny things about programming here! (Or just rant about your favourite programming language.)
Rules:
- Posts must be relevant to programming, programmers, or computer science.
- No NSFW content.
- Jokes must be in good taste. No hate speech, bigotry, etc.
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Search for leak in sudo's changelog: https://www.sudo.ws/releases/changelog/
Leaks aren't usually security critical though, and I've never heard of sudo triggering the OOM killer.
Also, no general purpose language that I'm aware of can guarantee a lack of memory leaks.
You're going to summon every Rust enthusiast on the platform
I am myself a crustacean, and we crabs know that lack of memory leaks is not one of the guarantees of safe rust.
crab_with_glowing_eyes.jpg
Especially since sudo is generally quite short lived. Unless it is leaking a significant amount of memory waiting for authentication that never comes it is insignificant. It would actually be pretty easy to argue that
sudo
just shouldn't free memory at all. This would be better for security (all pointers live forever) and possibly faster as upon exec the kernel can just wipe all state rather than havingfree
carefully account for the releases.