[cryptonector]

But the Unix environment is written in C, and there's a ton of legacy from the past several decades still to migrate from C. It's going to be slow going. That said, ditching sudo seems like the right thing to do, but then, writing a drop-in replacement is non-trivial too because sudo/sudoers is so baroque -- yet w/o a non-drop-in replacement would require user/customer migrations.

Meanwhile RedHat and others don't have infinite resources, and they inherited sudo.

[pjmlp]

Yes, because UNIX authors decided it was more fun to create C and ignore the history of safer systems programming.

They were also open about it, and thus created lint for validating the code, which most people ignore when writing C code.

[adrianN]

Sure, there is a mountain of legacy code. But why start Flatpak in C?

[imran-iq]

Because C can run on almost everything? For example, take Doom and the whole "Can it run Doom?" meme

[pjmlp]

Except for some weird architectures, where C is supported, C++ is as well.

And if either GCC or clang are supported, they support safer languages than C and C++ on their standard collection of frontends.

[adrianN]

How many architectures run Flatpak that don't have a compiler for any safer systems language? I don't think you run Flatpak on weird embedded chips, but maybe I'm mistaken.