Two of the most fundamental tools of the modern Unix-like command line, sudo and su, are being rewritten in the modern language Rust as part of a wider effort to get critical but aging infrastructure pieces replaced by memory-safe counterparts.
As detailed at Prossimo, a joint team from Ferrous Systems and Tweede Golf, with support from Amazon Web Services, is reimplementing sudo and su. These utilities allow a user to perform actions with the privileges of another user (typically a higher-level superuser) without having to learn and enter that other user’s password. Given their age and wide usage, the Prossimo team believes it’s time for a rework.
“Sudo was first developed in the 1980s. Over the decades, it has become an essential tool for performing changes while minimizing risk to an operating system,” writes Josh Aas. “But because it’s written in C, sudo has experienced many vulnerabilities related to memory safety issues.”