Why Sudo-rs Brings Modern Memory Safety To Ubuntu 26.04

LONDON — First things, first. Chill out. Yes, Ubuntu 26.04, nan adjacent semipermanent support of Ubuntu, will person sudo-rs, a type of sudo written successful memory-safe Rust. No, it’s not going to switch good-old C-based sudo. They’ll some beryllium successful there. Breathe. Relax.

No, seriously. It’s already successful Ubuntu 25.10. It’s been moving conscionable good for me. If you don’t spot it, you tin power which type you usage pinch nan command:

As Marc Schoolderman, nan lead technologist of nan sudo-rs project, explained successful a position at  Ubuntu Summit 25.10, rewriting nan essential sudo command successful Rust is not conscionable a “porting for nan liking of Rust.” It’s a deliberate redesign to reside heavy security, maintainability and elasticity concerns astatine nan bosom of nan Linux privilege boundary.

He came connected to nan task erstwhile personification sent him a connection asking, “‘How would you for illustration arsenic portion of your time occupation to activity connected thing that tin person immense impacts, successful a nice, modern programming language?’ Why not? That’s nan honorable reply for me.” He is clear that nan rewrite serves arsenic “a bully constituent to rethink requirements,” allowing not only greater method freedom, but besides deeper organization contribution. Sudo-rs’s reduced codification size and expressive Rust semantics make it acold easier for extracurricular contributors to propose enhancements.

He and his chap developers are doing this activity manus successful mitt pinch Todd Miller. Todd who? You cognize nan feline who is nan sole maintainer of sudo and is presently searching for a sponsor to money continued sudo maintenance. You cognize nan xkcd animation of nan world’s modern integer infrastructure depending connected a azygous developer successful Nebraska? That’s Miller, isolated from he lives successful Colorado. We request a modern, much memory-safe type of sudo, that’s sudo-rs, and Miller besides needs our support.

The Motivation for Rewriting Sudo successful Rust

That said, Schoolderman explained that sudo-rs sewage its commencement successful 2023 done nan Internet Security Research Group arsenic portion of its Prossimo inaugural to rewrite captious unfastened root utilities successful safe languages.  In particular, they targeted ubiquitous utilities that unrecorded connected nan information bound and are not yet implemented successful modern memory-safe languages.

While improved representation information — Rust’s defining kindness — is central, arsenic up to 30% of sudo’s superior vulnerabilities historically stem from representation issues, Schoolderman emphasizes that Rust’s expressive type strategy and nan easiness of refactoring it provides are arsenic transformative for maintainability and auditing.

Instead of blindly copying each bequest feature, sudo-rs’s squad uses nan opportunity to rethink requirements and streamline features, optimizing for some information and relevance successful modern systems.

Understanding Sudo-rs successful Ubuntu

That intends sudo-rs’s extremity is to beryllium a drop-in replacement for each of sudo’s mundane usage cases. For sudo config syntax, this intends it supports nan default configuration files for communal Linux distributions and FreeBSD. “Our implementation should support each commonly utilized bid statement options from nan original sudo implementation.”

But, and this is important, immoderate parts of nan original sudo are explicitly not successful scope. Sudo has a ample and rich | history, and immoderate of nan features disposable successful nan original sudo implementation are mostly unused aliases only disposable for bequest platforms.

So, alternatively than cloning each aspects of nan bequest sudo, not each “quirky” characteristic aliases infrequently utilized capacity is included. Yes, that intends your “essential” sudo characteristic whitethorn not beryllium included. But do you really request it? Check it and see. And, if you really, really do request it, fto nan developers know, and possibly they’ll see it. Besides, remember, sudo isn’t going anywhere. You tin conscionable usage it instead.

Besides making sudo-rs safer, different logic for nan refactoring was, “There’s a batch of business logic successful sudo going on, and if you’re utilizing Rust, you person a modern connection that has a very expressive type system, and it’s overmuch easier to definitive nan logic successful a measurement that’s maintainable and readable.”

In addition, Schooderman said, “The biggest use of utilizing Rust for sudo-rs from our squad has not needfully been nan representation information issue, though that’s nice, but you get it for free. The biggest use is having a smaller codebase that’s easier for outer users to look into.”

He continued, “We put sudo connected a diet, and we really brought it down to, I think, 3 nonstop dependencies, and they’re each maintained by nan Rust project. So I deliberation sudo is simply a very thin project, and we want to support it that way.”

Collaboration pinch nan Original Sudo Maintainer

Schoolderman continued that sudo-rs incorporates lessons from decades of sudo improvement while actively collaborating pinch Miller. He has some advised Schoolderman’s squad and contributed to bug fixes successful sudo-rs. This has led to nonstop cross-pollination betwixt projects: sudo-rs’s broad tests person moreover uncovered vulnerabilities successful nan original sudo, which Miller quickly patched.

Rather than being rivals, sudo-rs and sudo are complementary, and their developers are helping each different make some better.

In 2025, Canonical decided to make sudo-rs nan default sudo implementation for Ubuntu 25.10. This includes backing milestones for Ubuntu compatibility, specified arsenic NOEXEC ammunition flight prevention and AppArmor controls. By aiming for backward compatibility wherever it matters (legacy scripts and workflows), Canonical ensures soft transitions, rigorously testing sudo-rs capacity and reliability for nan upcoming Ubuntu LTS merchandise successful 2026. Canonical’s activity hopes to animate different awesome distributions to subordinate them.

The Trifecta Tech Foundation now oversees nan project’s governance and funding. This ensures a well-maintained and divers squad beyond nan “bus factor” of single-maintainer risk.

The dream is that nan modulation to sudo-rs will present less information patches, reduced downtime from exploits and a modernized, streamlined codebase that’s easier for newcomers and maintainers alike to audit and extend.

The ‘Less is More’ Design Philosophy of Sudo-rs

So sudo-rs embodies a “less is more” philosophy, omitting bloat and focusing connected robust essentials. System administrators and information engineers should admit this change.

Will it work? Stick astir and find out, aliases commencement experimenting pinch Ubuntu 25.10 aliases 1 of nan different galore distros that support it arsenic an action today, specified arsenic Arch, Fedora, Debian aliases NixOS.

Group Created pinch Sketch.