The first stable version of sudo-rs has been released


The implementation of sudo and su in Rust is intended to improve the security of these utilities.

Three months ago we covered here on the blog the creation of the "sudo-rs" project by the ISRG (Internet Security Research Group), the organization behind Let's Encrypt, which promotes the development of technologies that improve the security of the Internet.

In that post we shared some of the details and features of the project, whose purpose, in short, is to create implementations of the sudo and su utilities in Rust (you can read that post at the following link).

First stable version of sudo-rs

The reason for bringing it up again is that the first stable version of sudo-rs was recently announced. Engineers from Ferrous Systems and Tweede Golf took part in the development, with funding provided by Google, Cisco and Amazon Web Services.

For those unfamiliar with the "sudo-rs" project: its purpose is to develop versions of the sudo and su utilities written in Rust. Both are designed to run commands on behalf of other users; sudo is the console utility on Unix-like operating systems for running commands with the privileges of another user, root by default.

In sudo-rs, sudo and su were written from scratch in Rust, a language that is increasingly used and recommended in the industry: it has become one of the main languages for Android, and the Linux kernel has already gained support for it as a second programming language. Microsoft, for its part, has mentioned on several occasions its intention to rewrite parts of the Windows kernel and of the libraries it ships in Rust.

The utilities are compatible with the classic sudo and su wherever possible, which allows sudo-rs to be used as a drop-in replacement for sudo in typical scenarios; in particular, they work with the default /etc/sudoers settings shipped by Ubuntu and Debian. sudo-rs has already replaced the traditional sudo package in the Wolfi Linux distribution, whose goal is to provide the highest level of security.

Using Rust for su and sudo is expected to reduce the risk of vulnerabilities caused by unsafe memory handling and to rule out whole classes of bugs, such as accessing memory after it has been freed (use-after-free) and reading or writing past buffer boundaries. What it does not rule out is a logic error in how privileges are checked or dropped, which is why the testing and the planned audit described below matter as much as the choice of language.

In addition, to ensure an appropriate level of security, the project has developed an extensive test suite, which also serves to check that the required level of compatibility with the original sudo utility is maintained. To reduce the attack surface and the number of potential vulnerabilities in sudo-rs, it was decided not to implement rarely used sudo functionality.

Among the differences from sudo: use_pty mode is enabled by default; mail_badpass and sendmail support are deliberately left unimplemented; and features that are not yet implemented but planned for the future include the sudoedit utility, the NOEXEC and NOINTERCEPT modes, support for binding Defaults configuration blocks to individual users and commands, and the ability to authenticate without PAM.
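Because the list above is exactly what breaks when an existing configuration is moved to sudo-rs, the following POSIX shell script checks a sudoers file for those directives before the binary is swapped. It is an added example, not code from the sudo-rs project or from the original article. The sample sudoers content is constructed for the demonstration; the regular expressions are my reading of sudoers(5) syntax, and treating the whole family of mail* options as part of "sendmail support" is an assumption.

```shell
#!/bin/sh
# Added example (not part of sudo-rs): lint a sudoers file for directives
# that rely on features the article lists as unimplemented in sudo-rs 1.0:
# mail_badpass / sendmail support, sudoedit, NOEXEC, NOINTERCEPT, and
# Defaults blocks bound to individual users or commands.

# Constructed sample sudoers fragment, not a real system file.
SAMPLE_SUDOERS='Defaults        env_reset
Defaults        mail_badpass
Defaults:alice  !requiretty
Defaults!/usr/bin/apt timestamp_timeout=0
root    ALL=(ALL:ALL) ALL
%sudo   ALL=(ALL:ALL) ALL
alice   ALL=(root) NOEXEC: /usr/bin/vim
bob     ALL=(root) NOINTERCEPT: /bin/bash
carol   ALL=(root) sudoedit /etc/hosts
dave    ALL=(ALL) NOPASSWD: /usr/bin/systemctl restart nginx'

# lint_sudoers FILE
# Prints one "LINE:FEATURE" record per line of FILE that uses a feature
# sudo-rs 1.0 does not implement, sorted by line number. Comment lines are
# ignored. Prints nothing when the file only uses supported syntax.
lint_sudoers() {
    # Number every line first, then drop comment lines so that text inside
    # a '#' comment can never produce a finding.
    numbered=$(grep -n '' "$1" | grep -v '^[0-9]*:[[:space:]]*#' || true)
    {
        # Defaults bound to a user (:), command (!), host (@) or runas (>).
        # The article names user and command bindings; the host and runas
        # forms are flagged too, on the assumption that they share the same
        # unimplemented machinery.
        printf '%s\n' "$numbered" \
            | grep -E '^[0-9]+:[[:space:]]*Defaults[!:@>]' \
            | sed 's/:.*/:per-target Defaults/'
        # mail_badpass plus the other mail* options from sudoers(5); all of
        # them depend on the sendmail path that sudo-rs does not implement.
        printf '%s\n' "$numbered" \
            | grep -E '[[:space:],!]mail(_badpass|_always|_no_user|_no_host|_no_perms|_all_cmnds|erpath|to)([[:space:],=]|$)' \
            | sed 's/:.*/:sendmail-related option/'
        # Command tags that sudo-rs 1.0 does not implement.
        printf '%s\n' "$numbered" \
            | grep -E '[[:space:],]NOEXEC:' \
            | sed 's/:.*/:NOEXEC tag/'
        printf '%s\n' "$numbered" \
            | grep -E '[[:space:],]NOINTERCEPT:' \
            | sed 's/:.*/:NOINTERCEPT tag/'
        # sudoedit appearing as a command in a user specification.
        printf '%s\n' "$numbered" \
            | grep -E '[[:space:]]sudoedit([[:space:]]|$)' \
            | sed 's/:.*/:sudoedit/'
    } | sort -t: -k1,1n
}

# Stand-alone run: write the constructed sample to a temp file and lint it.
# Expected output for the sample above:
#   2:sendmail-related option
#   3:per-target Defaults
#   4:per-target Defaults
#   7:NOEXEC tag
#   8:NOINTERCEPT tag
#   9:sudoedit
tmp=$(mktemp)
printf '%s\n' "$SAMPLE_SUDOERS" > "$tmp"
lint_sudoers "$tmp"
rm -f "$tmp"
```

Run it against /etc/sudoers and against each file under /etc/sudoers.d separately: the script does not follow @include or #include directives (the latter are dropped as comments), and it is a line-oriented heuristic rather than a sudoers parser, so a Defaults line continued with a trailing backslash is only examined on its first physical line. An empty result means the file uses none of the features listed above, not that every remaining directive behaves identically under sudo-rs.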

It is worth mentioning that an independent audit of the sudo-rs code base is planned for this September, which is expected to confirm the quality of the implementation.

In addition, the second version is planned to add features for multi-user environments, such as NOEXEC mode, audit logging, host mappings in sudoers, and support for up to 16 user groups. The third version is planned to support the sudoers configuration used in Fedora, add the visudo utility, and make use of the SELinux and AppArmor mechanisms to increase security.

Finally, if you are interested in knowing more about it, you can check the details at the following link.

