The sudo and su utilities mediate a critical privilege boundary on just about every open source operating system that powers the Internet. Unfortunately, these utilities have a long history of memory safety issues.
By rewriting sudo and su in Rust we can make sure they don't suffer from any more memory safety vulnerabilities. By leaving out less commonly used features we can reduce attack surface.
What We've Done
In December of 2022 we funded a joint development effort between Tweede Golf and Ferrous Systems to rewrite sudo and su in Rust. That work is going well and we encourage people to give sudo-rs a test run today.
We expect the first stable release of sudo-rs in August of 2023. You can follow development by watching the GitHub repository.