-
I’m actually a bit concerned that this person is the “ Archmage of Infrastructure” at tailscale. This is a very flippant and dangerous attitude towards current security models.
I get that there should be real improvement and thought on improving the systemic issues, but this isn’t it at all.
Even the whole “ They wrote the program in C, (as far as I can tell)” is telling. It takes 30 seconds to find the source and confirm that it is in C ( https://github.com/sudo-project/sudo ) and really, if you want to replace something, understanding why it behaves like it does is important.
This tool is the same as giving everyone unrestricted root access and given I use tailscale, I’m now concerned this is the level of security they’re running on their infrastructure.
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
-
-
-
For example, there is this (pure safe Rust) code: https://github.com/ben0x539/totally-safe-transmute/blob/main... which accesses external resources (/proc/self/mem) in order to violate the safety guarantees.