Two core Unix-like utilities, sudo and su, are getting rewrites in Rust
news.movim.eu / ArsTechnica · Monday, 1 May - 17:05
wider effort to get critical but aging infrastructure pieces replaced by memory-safe counterparts.
As detailed at Prossimo , a joint team from Ferrous Systems and Tweede Golf , with support from Amazon Web Services, is reimplementing sudo and su. These utilities allow a user to perform actions with the privileges of another user (typically a higher-level superuser) without having to learn and enter that other user's password. Given their age and wide usage, the Prossimo team believes it's time for a rework.
"Sudo was first developed in the 1980s. Over the decades, it has become an essential tool for performing changes while minimizing risk to an operating system," writes Josh Aas. "But because it's written in C, sudo has experienced many vulnerabilities related to memory safety issues."