Internet Security Research Group (ISRG) is rewriting sudo and su in Rust
The Prossimo project of the Internet Security Research Group (ISRG) is rewriting sudo and su in Rust. The goal is to make them memory-safe, so that they do not suffer from memory safety vulnerabilities, and to further strengthen the safety of the Linux and open source ecosystem.
According to reports, Prossimo selects the software it works on based on the following criteria:
- Very widely used (almost every server/client is using it)
- Sits on a boundary
- Performs key functions
- Written in a memory-unsafe language (such as C, C++, asm)
sudo meets all of these criteria, so Prossimo decided to protect this most critical software, especially against memory safety vulnerabilities.
sudo (substitute user [or superuser] do) is a computer program, used on Unix-like operating systems such as BSD, Mac OS X/macOS, and GNU/Linux, that allows a user to execute a program in a secure manner with specific privileges (usually those of the operating system's superuser).
It was first developed in the 1980s. For decades, sudo has been an essential tool for making changes while minimizing risk to the operating system.
But because it is written in C, sudo has suffered from many bugs related to memory safety. To secure critical software against memory safety vulnerabilities, Ferrous Systems and Tweede Golf, funded by AWS, are jointly porting sudo and su from C to Rust.
The project is now hosted on GitHub: https://github.com/memorysafety/sudo-rs
Work began in December last year and is scheduled to end in September 2023. The specific development plan is given in the project's Work Plan.