FYI: The sudo-rs bug of leaking passwords on timeout is a general problem of line buffered stdin streams.
The `read` builtin suffers from the same problem.
https://github.com/trifectatechfoundation/sudo-rs/security/advisories/GHSA-c978-wq47-pvvw
hukl
and 3 others
boosted
This is a reminder to everyone that security is more than just memory safety. https://www.phoronix.com/news/sudo-rs-security-ubuntu-25.10
This is a reminder to everyone that security is more than just memory safety. https://www.phoronix.com/news/sudo-rs-security-ubuntu-25.10