Ubuntu is working with the Trifecta Tech Foundation to transition core system tools to memory-safe utilities written in Rust. The most prominent planned change is the adoption of sudo-rs as the default sudo
implementation in Ubuntu 25.10, scheduled for release in late October 2025.
This initiative is driven primarily by the desire to enhance system resilience and safety by leveraging Rust's memory safety guarantees.
While sudo-rs aims to be a near drop-in replacement for most day-to-day uses of the traditional sudo, some niche features, such as distributing the sudoers file via LDAP, are explicitly not supported.
This move is part of a broader effort to oxidise Ubuntu, which also includes exploring the adoption of uutils (Rust reimplementations of GNU Core Utilities) as the default.
The Trifecta Tech Foundation, a non-profit focused on secure, open-source infrastructure, is the driving force behind sudo-rs and other Rust-based security-critical projects.
Table of Contents
What is sudo?
If you use Linux system, you've probably used the sudo
command. sudo (short for "superuser do") is a command-line tool in Linux and Unix-like systems that lets a permitted user run commands with elevated (root) privileges.
It’s commonly used for administrative tasks like installing software or modifying system settings, and it enforces access control via a configuration file called sudoers
.
For a long time, the standard sudo
tool has been the way to get these elevated privileges on Linux. It's been around for over thirty years and has been very helpful.
But now, Ubuntu is making a big change starting with its 25.10 release.
Ubuntu 25.10 Adopts sudo-rs
Ubuntu 25.10 is switching the default sudo
tool to a new version called sudo-rs.
As you already guessed, the "rs" means this new version is written in Rust programming language. The original sudo
was written in a C language.
This project is developed by the Trifecta Tech Foundation (TTF), a group that focuses on building secure, open-source tools that are important for everyone. They are working together with Todd Miller, the person who has maintained the original sudo
for over thirty years.
This new sudo-rs
version is like a testing ground.
Ubuntu wants to see how it works for everyone and gather feedback before potentially making it the default in the next big Long Term Support (LTS) release, Ubuntu 26.04 LTS.
Why Ubuntu is Embracing Rust for Sudo?
Ubuntu 25.10 introduces sudo-rs
as the default, along with Rust-based replacements for core system utilities. This change is mostly about making Ubuntu more secure and reliable.
Think of it like this: programs written in languages like C can sometimes have certain types of mistakes, called "memory-safety issues", that can potentially be exploited by attackers to do bad things.
The sudo
command is really important because it handles giving you special powers. So, any security problem in sudo
can be a big risk.
Rust has strong security features that help programmers avoid many of these memory-safety problems right from the start. It makes it much harder to accidentally write code that could be unsafe.
So, by using sudo-rs
written in Rust, Ubuntu is aiming to have a version of sudo
that is much more protected against these kinds of attacks.
Sudo-rs in Ubuntu: Will You Notice the Change?
For the vast majority of people using Ubuntu, you won't even notice a difference in your daily computer use.
When you type sudo
, it will work just like it always has. You'll still type your password, and you'll still be able to run commands that need extra powers. The change is happening under the hood to make things safer.
Are There any Differences between sudo-rs and sudo?
While sudo-rs
is designed to be a "drop-in replacement" for most common tasks, the developers are taking a "less is more" approach. They haven't included some very specific or less-used features that the original sudo
has.
For example, if you use a very complex setup where your computer gets its sudo
rules from a central server using LDAP, that specific method of distributing the sudo rules via LDAP is not supported by sudo-rs
.
However, using LDAP for user logins (PAM and NSS) should still work. The sudo-rs
team believes that managing these complex rules is better handled by separate tools.
Another feature that might not be fully implemented yet is sudoedit
, which lets you edit files with administrator powers safely. Fortunately, Canonical is actually sponsoring work to add features like sudoedit
and support for older Linux kernels to sudo-rs
.
If you rely on one of these less common features, don't worry! The original sudo
will still be available in Ubuntu. You will be able to switch back to it using the update-alternatives
command if you need to.
Replace sudo with sudo-rs in Ubuntu
An experimental tool called oxidizr has been developed to help users and developers easily test and switch between the traditional utilities and these newer Rust-based alternatives on Ubuntu systems.
To try sudo-rs and other Rust-based alternatives to legacy Unix tools in Ubuntu, you can use the oxidizr tool as explained in the link below.
Key Takeaways
- Ubuntu is making
sudo-rs
the default to boost security through Rust’s memory safety features. Ubuntu 25.10 will be the first major Linux distribution to ship sudo-rs as its default sudo. - Most users won’t notice a change. Your
sudo
commands should work exactly as before. - Fallback is available. You can still use the original
sudo
if needed. - This is just the beginning. Ubuntu is moving more critical system tools to Rust for better safety and resilience.
Ubuntu is Slowly Adopting Rust-based Tools
Adopting sudo-rs
is part of a bigger effort by Ubuntu to use more modern, memory-safe programming languages like Rust for important system tools. They are calling this "Carefully But Purposefully Oxidising Ubuntu".
They are also looking at replacing other core tools (like the ones that handle copying or listing files) with Rust versions called uutils coreutils
.
Additionally, Ubuntu team is also exploring the possibilities to Integrate Rust-based PGP tools like sequoia-pgp into APT package manager.
Ubuntu is slowly but purposefully adopting Rust-based tools for core system components. Please note that it's not about abandoning C or rewriting all utilities. It's a strategic approach to replace security-critical tools with memory-safe alternatives.
Resource: