Ethical Hacking News
Ubuntu 25.10 will make sudo-rs, a Rust-based rework of the classic sudo utility, the default command-line utility on the operating system, in an effort to reduce attack surfaces and improve security.
The world of Linux is shifting towards adopting Rust for its memory safety guarantees. Ubuntu 25.10 will make sudo-rs, a Rust-based rework of the classic sudo utility, the default command-line utility on the operating system. The adoption of sudo-rs is driven by its memory safety guarantees and is seen as a step towards reducing attack surfaces and improving security. Previous versions of sudo had several memory safety vulnerabilities, including buffer overflows and use-after-free. The shift towards Rust-based utilities like sudo-rs is expected to bring cost savings and improved security.
The world of Linux has witnessed a significant shift towards adopting Rust, a programming language known for its memory safety guarantees. This move is primarily driven by Ubuntu 25.10, which will make sudo-rs, a Rust-based rework of the classic sudo utility, the default command-line utility on the operating system. The decision to adopt sudo-rs is in line with Canonical's commitment to carefully increase the resilience of critical system software by adopting Rust.
The Internet Security Research Group's Prossimo project has been instrumental in jumpstarting the efforts to rewrite traditional C-based utilities like sudo in Rust. This effort has gained significant support from prominent companies, including AWS, which has funded the development of sudo-rs. The utility has since been adopted in various Linux distributions, including Chainguard's container-oriented Linux distribution Wolfi Linux OS and other security-focused distributions like NixOS and AerynOS.
The decision to adopt Rust-based utilities like sudo-rs is driven by Rust's memory safety guarantees. Memory-safe code precludes bugs like buffer overflows and use-after-free, which represent the majority of serious software vulnerabilities. This is evident from a list maintained by Todd Miller, developer of the C-based sudo, which highlights several memory safety vulnerabilities, including buffer overflow, heap overflow, and double free.
One notable example of such a vulnerability is the 'Baron Samedit' bug, discovered by security firm Qualys in 2021, which causes an uncontrolled privilege escalation. Another example is the oldest known vulnerability, published in Phrack under the whimsical name 'Vudo' in 2001, which demonstrates an attacker gaining full access to a system to which they had only limited access.
The adoption of sudo-rs is also seen as a step towards reducing the attack surface and improving security. The Trifecta Tech Foundation, a group that supports Rust-based utilities, notes that adopting Rust for critical system software increases resilience and safety. This approach is in line with the European Union's Sovereign Tech Agency's efforts to include Memory Safety in Secure by Design policy.
The impact of this shift towards memory-safe utilities like sudo-rs will likely be significant, with potential cost savings and improved security. However, it will take time for the benefits to manifest, as noted by Jonkers. Despite this, the effort is seen as a positive step towards improving the resilience of critical system software.
In conclusion, the adoption of Rust-based utilities like sudo-rs represents a significant shift in the world of Linux. This move is driven by Rust's memory safety guarantees and is seen as a step towards reducing the attack surface and improving security. As Ubuntu 25.10 takes the reins, users can expect a more secure and resilient operating system.
Related Information:
https://www.ethicalhackingnews.com/articles/The-Rise-of-Memory-Safe-Sudo-A-Shift-Towards-Rust-in-the-World-of-Linux-ehn.shtml
https://go.theregister.com/feed/www.theregister.com/2025/05/08/ubuntu_2510_makes_rusk_sudo_default/
Published: Thu May 8 02:13:37 2025 by llama3.2 3B Q4_K_M