"And? It's a simple tool. It's not exactly the most complex thing in the world - it's not as though it needs multiple developers, as if/when the current dev drops the project another can easily step over".
And then I started flipping through some of the code. Man, sudo is complex. Much more so than one would naively assume.
I started to have that same thought and so looked at the code and of course my next thought was along the lines of "Well...I mean it isn't like it changes that much, right?" and realized that I probably use such a tiny subset of what sudo can do.
There is a lot more in the man page than I expected not to mention options I can even fathom needing (for myself, yet).
But the second one is a patch I sent to OpenBSD. Apparently the portable version of sudo keeps an up-to-date copy of this file.
Sudo is a super useful tool, and Todd has made a wonderful job at maintaining it for the past 20 years or so.
Most opensource projects have only one maintainer. This is not necessarily a bad thing; it oftens allows them to iterate quickly.
And it doesn't mean the code is only read by one pair of eyeballs either. In particuler, sudo is part of OpenBSD, and other OpenBSD developers take a look at the changes when a new version gets merged.
sudo can do more things than most people have ever fathomed. And large organizations trying to follow least privileged access best practices end up with enormous and complex sudo rulesets.
Looks like a healthy project to me, where the author cared and stayed. Not like other projects which got dumbed down by their contributors or takeovers. One is the best you can expect.
"And? It's a simple tool. It's not exactly the most complex thing in the world - it's not as though it needs multiple developers, as if/when the current dev drops the project another can easily step over".
And then I started flipping through some of the code. Man, sudo is complex. Much more so than one would naively assume.