The Prossimo group has launched an initiative to reimplement the ubiquitous sudo and su utilities in Rust, a modern, memory-safe language. Josh Aas, writing about the Internet Security Research Group (ISRG) project, explains that sudo was first developed in the 1980s and has become an essential tool for making changes while minimizing risk to an operating system. However, because it is written in C, sudo has experienced many vulnerabilities related to memory safety issues.
Software is chosen for the memory-safety reimplementation project based on four risk criteria: it must be widely used, sit at a critical boundary, perform a critical function, and be written in a language that is not memory safe. Sudo meets these criteria, making it an important piece of software to secure against memory vulnerabilities.
A joint team of Ferrous Systems and Second Wave, with generous support from Amazon Web Services, is doing the reimplementation work. Kevin Purdy of Ars Technica points out that the majority of sudo vulnerabilities don’t seem to be memory related and that the recoding process itself could introduce new bugs in the now “memory-safe” utilities. Additionally, the Prossimo initiative does not explain its plan to encourage mass adoption of the new, memory-safe versions of sudo and su.