Release v4.0: Secure Execution, Working Directories & Project Modernization
This version introduces a new secure execution crate and many more. While it does change the major version, it does not introduce breaking changes.
First, we added the working directory feature, which allows to allow some commands being executed only whan it is in a specific working directory. This new feature adds more control on the process, and more security by extension. However, security of this feature is strongly relying on the correct configuration of the filesystem.
Then, we implemented the directory-based policy configuration implementation. This new feature allows to configurators to specify a directory for the access control policy, then RaR lookup (not recursively) in that directory for policy files. This is mainly useful for two reasons : doing a per-user policy file for better auditing, or a readability/organisational objective.
Also, RaR has also new compilation options. Making it way more configurable directly at compilation.
The new execution crate and why it is a reason for 4.0
This new major version underlines a new way to execute programs with dosr. It switchs from the doas model to the sudo one.
Doas is mainly considered more secure from the OpenBSD community because it has fewer code surface that can be exploited.
The original sudo has many many features that was included over the years. So in conclusion OpenBSD community were saying that compared to sudo, doas is more secure, which is true.
However, sudo introduced many great ideas in these new features, such as the program execution method. Instead of just execve() the wanted program, sudo spawn an intermediary process that is transferring, monitoring and filtering administrator inputs. For us, that is adding way more security than the doas program.
So this new execution model and new logo are the main motivation to start a new major version. Concretely, going from 3.x to 4.0 isn't breaking changes. But of course you'll find several new features that makes RaR way more reliable, secure and useful.
What's new since 3.0 release?
WIP
Project structure and versioning:
- Bumped project version to
4.0.0and upgraded Rust edition to2024inCargo.toml. - Added
rar-execas a workspace member and dependency. [1] [2] [3] - Changed the main binary path from
src/sr/main.rstosrc/dosr/main.rsto match the new project structure.
Tooling and configuration improvements:
- Updated
.cargo/config.tomlto refine coverage exclusions, adjust environment variable paths, and introduce new environment variables for workdir behavior. [1] [2] [3] - Cleanup
.vscode/launch.jsonwith new debug configurations for integration and package tests, and added a prompt for test selection. Enhanced.vscode/settings.jsonfor stricter linting and feature management withrust-analyzer. [1] [2]
Documentation and branding:
- Added
AI_LETTER.md, a comprehensive letter on AI usage policy, transparency, and project philosophy. - Updated
README.mdto feature the new hand-drawn mascot/logo, clarify logo licensing, add a research/publications section, update Rust version prerequisites, and reference the AI policy letter. [1] [2] [3] [4]
Dependency and feature management:
- Replaced several dependencies (e.g., switched from
linked_hash_settoindexmap, updatedtomlandnonstickversions, removed unused dependencies) and adjusted feature flags for improved modularity and maintainability. [1] [2] [3]
Linting and code quality:
- Introduced stricter Clippy lints and feature management in
Cargo.tomland.vscode/settings.json, enablingpedanticandnurserylints, and denyingunwrap_usedoutside tests. [1] [2]
These changes collectively modernize the project, improve developer experience, clarify policies, and reinforce the project's commitment to transparency and quality.