The link you cite says it was worse in the Rust version:
> During the audit, it came to light that the original sudo implementation was also affected by [CLN-001: relative path traversal vulnerability], although with a lower security severity due to their use of the openat function.
Re: I am unsure where you got this. It's the same vulnerability.
> During the audit, it came to light that the original sudo implementation was also affected by this issue, although with a lower security severity due to their use of the openat function.
> Like building an entirely new car company around only making side-impact collisions safer
...which still results in safer cars overall, so I don't see the problem. Especially if those cars are almost completely immune to side-impact collisions and if it's actually not a car company but a technology every manufacturer can use for future products.
You don't see the problem in starting an entirely new car manufacturer from scratch just to fix one safety issue?
> if it's actually not a car company but a technology every manufacturer can use for future products
In that case it's like every single manufacturer changing their engine design in order to have a different wiring harness with a slightly thicker shielding around a single cable. The amount of work and cost involved, and risk to every other part of the process, just to fix one tiny thing, makes no sense. It is an insane amount of work for extremely little benefit.
> it's like every single manufacturer changing their engine design in order to have a different wiring harness with a slightly thicker shielding around a single cable.
Car manufacturers improve their engine designs all the time.
It's also not uncommon that programs get rewritten in order to achieve better results, and recently Rust happens to be a popular choice where both speed and security are important. There's nothing extraordinary about it really.
