GitHub - memorysafety/sudo-rs: A memory safe implementation of sudo and su.
source link: https://github.com/memorysafety/sudo-rs
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
sudo-rs
A safety oriented and memory safe implementation of sudo and su written in Rust.
WARNING
Sudo-rs is currently under active development and is not suited for any production environment. Using sudo-rs is only recommended for development and testing purposes, but you should expect any system that has sudo-rs installed to break easily and to not be secure.
Quick start
Sudo-rs currently only supports Linux-based operating systems, although other unix-based operating systems may work, they are currently not actively supported or maintained.
Sudo-rs is written in Rust. We currently only support the latest stable compiler toolchain. To get a recent compiler toolchain we recommend using rustup. To build sudo-rs run
cargo build --release
This produces a binary target/release/sudo. However this binary must have the
setuid flag set and must be owned by the root user in order to provide any
useful functionality. Because we are in such an early stage we also require
an environment variable SUDO_RS_IS_UNSTABLE to be set, and it must have the
value I accept that my system may break unexpectedly. If you are unsure about
how to set this up, then the current version of sudo is not intended for you.
Sudo-rs needs the sudoers configuration file, but it currently reads it at
/etc/sudoers.test, instead of the default location. You must make sure that
a valid sudoers configuration exists at that location. For an explanation of
the sudoers syntax you can look at the
original sudo man page. While most
syntax should be supported as is, most functionality will currently not be
implemented. Sudo-rs currently may not always warn about this, so your sudoers
file may have a different meaning compared to the original sudo implementation.
Sudo-rs always uses PAM for authentication at this time, your system must be
setup for PAM. Sudo-rs will use the sudo service configuration.
Current work
Our current target is to build a drop-in replacement for most basic use cases of
sudo. For the sudoers config syntax this means that we aim to at least support
the default configuration files of some common Linux distributions (we currently
aim to suppor both the Fedora and Debian default sudoers configs). Our
implementation should eventually at least support all commonly used CLI flags
from the original sudo implementation (e.g. flags like -u, -g and -s).
Some parts of the original sudo are explicitly not in scope. Sudo has a large and rich history and some of the features available in the original sudo implementation are largely unused or only available for legacy platforms. In order to determine which features make it we both consider whether the feature is relevant for modern systems, and whether it will receive at very least decent usage. Finally of course a feature should not compromise the safety of the whole program.
The su program is a much simpler program and will only include basic
functionality. However, we think that the building blocks that make up our sudo
implementation will be suited to be used for creating a simple su
implementation.
Contributions
While we are still working on getting the basic infrastructure and architecture of sudo-rs up and running, accepting arbitrary contributions will be difficult. If you have any small changes or suggestions please do leave those, but if you want to work on larger parts of sudo-rs please ask first, or we may risk doing work twice or not being able to include your work.
Future work
While our initial target is a drop-in replacement for most basic use cases of sudo, our work may evolve beyond that target. We are also looking into alternative ways to configure sudo without the sudoers config file syntax and to extract parts of our work in usable crates for other people.
Recommend
-
86
ump A universal thread-safe memory pool. This simple memory pool can be used if following conditions are satisfied: (1) The memory sizes are some fixed numbers. E.g, 32 ,
-
8
Ineffective NO_ROOT_MAILER and Baron Samedit oss-sec mailing list archives By Date
-
9
Using a Different System?
-
9
Install and use pip on macOS without sudo / admin access Most recently tested on macOS Sierra (10.12.6) Download the installation script; curl https://bootstrap.pypa.io/get-pip.py -o ~/Downloads/get-pip.py
-
10
A Memory Safe Implementation of the Network Time ProtocolFolkert de VriesOct 11, 2022Folkert and the team at
-
3
Bringing Memory Safety to sudo and suJosh AasApr 26, 2023Our Prossimo project has historically focused on creating safer software on netw...
-
12
Counties Counties is a tasks or events countdown timer desktop app that comes with a small widget, which floats on your screen for easier monitoring and remembering your tasks or events. This project is an improved and of...
-
5
Sudo and signal propagation Sudo and signal propagation This week I spent some time debugging a curious case where signals were not being delivered to a sudo’ed proces...
-
6
...
-
5
ISRG celebrates 10 years of helping build a brighter Internet →The First Stable Release of a Memory Safe sudo Impleme...
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK