IIRC, all the recent sudo vulns are logic errors, not memory safety. I mean, rewrite away but let's not pretend that there couldn't be some new bug introduced due to a misunderstanding of how something works or just a plain old mistake.
> let's not pretend that there couldn't be some new bug introduced due to a misunderstanding of how something works or just a plain old mistake.
Is anyone doing that? I see a lot of claims of memory safety, but as far as I can see the project isn’t saying other types of bugs are for sure eliminated.
In the same way a new memory bug could be introduced to the original sudo.
Shrinking the attack surface with static checks seems like a better deal in the long run.