sudo and su

Prossimo Initiative
ISRG celebrates 10 years of helping build a brighter Internet →
sudo and su logo

The Story

The sudo and su utilities mediate a critical privilege boundary on just about every open source operating system that powers the Internet. Unfortunately, these utilities have a long history of memory safety issues.

By rewriting sudo and su in Rust we can make sure they don't suffer from any more memory safety vulnerabilities. By leaving out less commonly used features we can reduce attack surface.

What We've Done

In December of 2022 we funded a joint development effort between Tweede Golf and Ferrous Systems to rewrite sudo and su in Rust. That work is going well and we encourage people to give sudo-rs a test run today.

What's Next

We expect the first stable release of sudo-rs in August of 2023. You can follow development by watching the GitHub repository.

Links

From our Blog

April 26, 2023

Bringing Memory Safety to sudo and su

We are reimplementing sudo and su utilities in Rust.

Funders

AWS