Adopting sudo-rs By Default in Ubuntu 25.10 | and status update on rust coreutils and rust PGP
Adopting sudo-rs By Default in Ubuntu 25.10 | and status update on rust coreutils and rust PGP
Introduction Following on from Carefully But Purposefully Oxidising Ubuntu, Ubuntu will be the first major Linux distribution to adopt sudo-rs as the default implementation of sudo, in partnership with the Trifecta Tech Foundation The change will be effective from the release of Ubuntu 25.10. You c...
cross-posted from: https://lemmy.world/post/29210689
Adopting sudo-rs By Default in Ubuntu 25.10
Now we just need to rewrite the Linux kernel in Rust
Does it have to be Linux? Some greybeards are pretty opposed to it. I wonder if it would be easier to make our own
theme parkkernel withblackjack and hookersmemory and thread safety, like Redox.This will delay Hurd by another 40 years
Does it have to be Linux?
In order to be a viable general use OS, probably yes. It would be an enormous amount of effort to reach a decent range of hardware compatibility without reusing the work that has already been done. Maybe someone will try something more ambitious, like writing a rust kernel with C interoperability and a linux-like API so we can at least port linux drivers to it as a "temporary" solution.
we’re also sponsoring the uutils project to ensure that some key gaps are closed before we ship 25.10. The sponsorship will primarily cover the development of SELinux support for common commands such as mv, ls, cp, etc.
I didn't think Ubuntu used SELinux.
Not by default, but you can optionally enable it.
Wrong move. To make sudo more secure, you should instead ditch 90% of the features intended for server which nobody on desktop uses. 150 lines of C code is enough to provide sudo-like functionality on desktop, probably similiar in Rust.
except ubuntu isn't a desktop-only distro
you might also not be considering corporate workstation in an intranet
They are open to drop some features apparently, but maybe not "90%"
The developers are taking a “less is more” approach. This means that some features of the original sudo may not be reimplemented if they serve only niche, or more recently considered “outdated” practices.
A way smaller alternative therefore less prompt to vulnerabilities is OpenDoas found on Arch/Artix/... and other distros. From the GH project:
doas is a minimal replacement for the venerable sudo. It was initially written by Ted Unangst of the OpenBSD project to provide 95% of the features of sudo with a fraction of the codebase.