• @[email protected]
    link
    fedilink
    41 year ago

    Opendoas has a significantly smaller codebase. It only has 4397 lines of code compared to Sudo-rs’s staggering 35990 lines.

    Hmm.

    % tokei src | rg ' (Language|Total)'
     Language            Files        Lines         Code     Comments       Blanks
     Total                  76        16243        13468          682         2093
    
    % tokei src test-framework | rg ' (Language|Total)'
     Language            Files        Lines         Code     Comments       Blanks
     Total                 196        34274        27742         1072         5460
    
    % git grep '#\[cfg(test)\]' src |wc
         40      44    1387
    

    I too love making unaware “Tests Considered Harmful” arguments based on some blind analysis.

    Funnily enough, one could easily do some actually potentially useful shallow analysis, instead of a completely blind one, simply by noticing the libc crate dependency, then running:

    git grep -Enp -e libc:: --and --not -e '(libc::(c_|LOG)|\b(type|use)\b)'
    

    Ignoring the usage in test modules, use of raw libc appears to be more than you would think from the title. One can also argue that some of that usage would be better served by using rustix instead of raw libc.

    Of course authors can counter with arguments why using rustix* is not feasible or would complicate things, and would argue that the use of unsafe+libc is required for this kind of project, and it’s still reasonably limited and contained.

    And a little bit more informed back-and-forth discussion can go from there.

    * Searching for rustix in the sudo-rs repo returned this. So this predictably has been brought up before.

    • @[email protected]
      link
      fedilink
      2
      edit-2
      1 year ago

      I’m sorry but I don’t understand whatever argument you’re making. I did the line count on my phone via termux because I was in a rush, so i’m aware the counts may be inaccurate. I should have made that clear in my earlier reply.

      I do, however, hold to the fact that any sudo implementation will be more complicated than doas. Sudo, as a project, has more options and usecases than doas so it also has more posibilities for bugs or misconfiguration for the user.

      I’m unable to tell what codebase your are refering to with you’re grep arguments, sorry.

      • @[email protected]
        link
        fedilink
        31 year ago

        I do, however, hold to the fact that any sudo implementation will be more complicated than doas. Sudo, as a project, has more options and usecases than doas so it also has more posibilities for bugs or misconfiguration for the user.

        Fair.

        I’m unable to tell what codebase your are refering to with you’re grep arguments, sorry.

        sudo-rs