Why does Rust rewrite sudo and su?

Why does Rust rewrite sudo and su?

The Prossimo project of the Internet Security Research Group (ISRG) is rewriting sudo and su in Rust with the goal of making them memory-safe, ensuring that they do not suffer from memory safety vulnerabilities, and further strengthening the Linux and open source ecosystem.

According to reports, the software selected by Prossimo will focus on the following aspects:

Very widely used (almost every server/client is using it)
at the borderline
perform key functions
Whether it is written in a memory-unsafe language (such as C, C++, asm)

And sudo just satisfies the above situation, so Prossimo decided to protect this most critical software, especially to avoid memory safety vulnerabilities.

sudo (substitute user [or superuser] do), is a computer program, used on Unix-like operating systems such as BSD, Mac OS X/macOS, and GNU/Linux, that allows a user to use specific privileges in a secure manner Executes a program (usually the operating system’s superuser).

It was first developed in the 1980s. For decades, sudo has been an essential tool for making changes while minimizing risk to the operating system.

But because it’s written in C, sudo suffers from a lot of bugs related to memory safety issues. To secure critical software from memory safety vulnerabilities, AWS-funded Ferrous Systems and Tweede Golf are jointly porting sudo and su from C to Rust.

The project is now hosted on GitHub: https://github.com/memorysafety/sudo-rs