Skip to main content


Sudo rewrite sudo in #rust - just received this postcard at #FOSDEM.
XKCD-style comic. A: Rewrite sudo in rust. B: What? Rewrite it yourself. A: sudo rewrite sudo in rust. B: okay.
This entry was edited (9 months ago)

But to be fair ...

Is it the implementation language being the main issue? Or is it the flexibility of extending it with plugins and that it is effectively a setuid tool, granting root access immediately when an unprivileged user starts the program (the privileges are reduced first when it has parsed the sudo config).

Sudo is a nice tool from the user's side. But security wise it's a disastrous approach. Privileges should first be elevated *after* the config has been parsed and the expected privilege level has been established. Then the tool should ideally jump to that privilege level directly.

This post introduces some new ideas ... https://tim.siosm.fr/blog/2023/12/19/ssh-over-unix-socket/

It's not a perfect approach in all cases. But it gets rid of the setuid issue.

#linux #sudo #security

@slothrop I wonder how ChatGPT would handle that
That sounds like a massive security issue waiting to happen.
@gudenau It was indeed handed out to me by one of the sudo-rs devs iiuc.
I wonder if Microsoft used rust in their own "sudo" implementation? Sorry about the quality of source. https://news.itsfoss.com/sudo-on-windows/
feels a bit like a pitch for a generative ai tool πŸ˜…
There are 1 0 people who are going to understand that joke: those who are experienced with a *NIX command-line and those who aren’t πŸ™‚
⇧