sudo and su

Prossimo Initiative
sudo and su logo

The Story

The sudo and su utilities mediate a critical privilege boundary on just about every open source operating system that powers the Internet. Unfortunately, these utilities have a long history of memory safety issues.

By rewriting sudo and su in Rust we can make sure they don't suffer from any more memory safety vulnerabilities. By leaving out less commonly used features we can reduce attack surface.

What We've Done

In December of 2022 we funded a joint development effort between Tweede Golf and Ferrous Systems to rewrite sudo and su in Rust.

As of August 2023, the first stable release is out, give it a shot!

We'd like to thank Todd Miller, maintainer of the original sudo utility, for his advice and guidance on our implementation.

What's Next

We're currently raising funding for additional enterprise features.

Packages

Links

More from the Prossimo blog

July 17, 2024

A new home for memory safe sudo/su

Sudo-rs, an open source memory safe implementation of sudo/su, has a new long-term home at the Trifecta Tech Foundation.

May 9, 2024

Providing official Fedora Linux RPM packages for ntpd-rs and sudo-rs

Memory safe NTP and sudo are now in Fedora Linux.

March 7, 2024

Sudo-rs dependencies: when less is better

Here’s how we reduced dependencies from 135 to 3 in sudo-rs.

August 29, 2023

The First Stable Release of a Memory Safe sudo Implementation

Our Rust rewrite of sudo is ready for use.

April 26, 2023

Bringing Memory Safety to sudo and su

We are reimplementing sudo and su utilities in Rust.

Funders

AWS