Stories with Tag sudo

• Memory-safe sudo to become the default in Ubuntu

  permalink

  Posted: 2025-05-06 11:22:55

  Verbose tl;dr

  Ubuntu is switching its default sudo implementation to a memory-safe version written in Rust. This change, starting with Ubuntu 23.10 "Mantic Minotaur", significantly improves security by mitigating vulnerabilities related to memory corruption, such as buffer overflows and use-after-free bugs, which are common targets for exploits. This Rust-based sudo is developed and maintained by the OpenSSF's Secure Software Supply Chain project, and represents a major step towards a more secure foundation for the widely-used system administration tool.

  The Trifacta Tech blog post "Memory-safe sudo to become the default in Ubuntu" details the upcoming transition in Ubuntu to a memory-safe version of sudo, the ubiquitous command-line utility that allows users to execute commands with elevated privileges. This change, a significant step towards enhancing system security, is being implemented by switching the default sudo implementation from the traditional C version to a rewritten version leveraging Rust, a modern programming language renowned for its memory safety guarantees.

  The blog post highlights the inherent vulnerability of C code to memory-related bugs, such as buffer overflows and use-after-free errors. These vulnerabilities can be exploited by malicious actors to gain unauthorized access to a system, potentially escalating privileges and compromising security. Rust's ownership and borrowing system, along with its strict compile-time checks, effectively prevents these types of memory-related vulnerabilities, making it a compelling choice for security-sensitive applications like sudo.

  Ubuntu's adoption of the Rust-based sudo is part of a broader industry trend towards embracing memory-safe languages for system programming. This movement is driven by the increasing awareness of the prevalence and severity of memory-related vulnerabilities in C and C++ codebases. By switching to Rust, Ubuntu aims to significantly reduce the attack surface of sudo and enhance the overall security posture of its systems.

  The post explains that the transition will be gradual and transparent to most users. The new Rust-based sudo will be installed alongside the existing C version initially, and users will be able to choose which version to use. Eventually, the Rust version will become the default, providing enhanced security by default for all Ubuntu users. This phased approach allows for thorough testing and ensures compatibility with existing systems and workflows.

  The blog post emphasizes the importance of this change in the context of modern security threats, where exploiting memory-related vulnerabilities remains a common attack vector. By adopting a memory-safe implementation of sudo, Ubuntu is taking a proactive step towards mitigating these risks and bolstering the security of its users. The post concludes by highlighting the potential for this transition to serve as a catalyst for wider adoption of memory-safe languages in critical system software.

  • Ubuntu
  • Linux
  • Security
  • sudo
  • Memory Safety
  • Rust
  • system administration
  • Privilege Escalation
  • Software Security
  • Operating Systems

  Summary of Comments ( 69 )
  https://news.ycombinator.com/item?id=43903853

  Verbose tl;dr

  Hacker News commenters generally expressed approval for Ubuntu's move to a memory-safe sudo, viewing it as a positive step towards improved security. Some questioned the significance of the change, pointing out that sudo itself isn't a frequent source of vulnerabilities and suggesting that efforts might be better directed elsewhere. A few expressed concerns about potential performance impacts, while others highlighted the importance of addressing memory safety issues in widely used system utilities like sudo to mitigate even rare but potentially impactful vulnerabilities. The discussion also touched upon the broader trend of adopting Rust for system programming and the trade-offs between memory safety and performance. Several commenters shared anecdotes about past vulnerabilities related to sudo and other core utilities, reinforcing the argument for enhanced security measures.

  The Hacker News post "Memory-safe sudo to become the default in Ubuntu" generated several comments discussing the implications of switching to a memory-safe version of sudo.

  Several commenters expressed strong approval for the move, emphasizing the importance of memory safety in a critical utility like sudo. They highlighted how sudo's privileged position makes it a prime target for exploitation, and how memory safety mitigations can significantly reduce the risk of successful attacks. One commenter specifically mentioned how this change aligns with a broader industry trend towards prioritizing memory safety.

  Some discussion revolved around the choice of Rust as the language for the rewritten sudo. While generally praised for its memory safety features, a few commenters raised concerns about the potential performance overhead and the learning curve for developers accustomed to C. One commenter pointed out that the performance impact is likely negligible for a tool like sudo, which isn't typically performance-critical. Another countered that while Rust's performance is often comparable to C, achieving optimal performance in Rust can require more effort.

  A few comments delved into the technical details of the rewrite, including the challenges of integrating Rust code with existing C codebases. One commenter mentioned the use of bindgen to create safe bindings, acknowledging the complexities involved in such integrations.

  Several commenters expressed hope that other distributions would follow Ubuntu's lead in adopting a memory-safe sudo. The discussion also touched upon the wider adoption of memory-safe languages in system programming, with some suggesting that this move by Ubuntu could signal a significant shift in the industry.

  A couple of comments inquired about the timeline for the transition and the testing procedures in place to ensure a smooth rollout. There was also a brief discussion about the potential impact on existing scripts and configurations, with one commenter suggesting that the changes are unlikely to cause significant disruption.

  Overall, the comments reflect a generally positive reception to the news, with many commenters acknowledging the importance of memory safety in system utilities and praising Ubuntu for taking the lead in this area. While some concerns were raised regarding performance and the learning curve associated with Rust, the overall sentiment leaned towards the long-term benefits of increased security.

• Right to root access

  permalink

  Posted: 2025-01-12 22:53:16

  Verbose tl;dr

  The blog post "Right to root access" argues that users should have complete control over the devices they own, including root access. It contends that manufacturers artificially restrict user access for anti-competitive reasons, forcing users into walled gardens and limiting their ability to repair, modify, and truly own their devices. This restriction extends beyond just software to encompass firmware and hardware, hindering innovation and consumer freedom. The author believes this control should be a fundamental digital right, akin to property rights in the physical world, empowering users to fully utilize and customize their technology.

  The blog post "Right to Root Access" by Medhir explores the multifaceted concept of digital ownership and control, specifically focusing on the implications of restricting root access on devices. The author argues that limiting a user's ability to fully control their own hardware undermines the very notion of ownership, drawing parallels to physical property rights. They posit that if one truly owns a device, they should have the unfettered ability to modify, repair, and utilize it in any manner they see fit, including accessing and altering the root level of the operating system.

  This comprehensive control, often symbolized by "root access," is presented as essential for several key reasons. First, it empowers users to truly personalize their devices, tailoring the software and functionality to precisely match their individual needs and preferences. This level of customization extends beyond superficial changes, enabling deep system modifications and the installation of alternative operating systems.

  Secondly, the post highlights the crucial role of root access in maintaining and repairing devices. The author contends that restricting root access hinders troubleshooting efforts and forces users to rely on manufacturers or authorized service providers, potentially incurring unnecessary costs and delays. This dependency, they argue, further diminishes the sense of ownership and control.

  Furthermore, the blog post emphasizes the significance of root access for security and privacy. While acknowledging potential risks associated with improper use of root privileges, the author argues that knowledgeable users can leverage root access to enhance security by implementing custom security measures, removing potentially unwanted software, and auditing system behavior more effectively. Restricting this access, conversely, can leave users vulnerable to pre-installed bloatware, undisclosed tracking mechanisms, and other potential security compromises.

  The author also addresses the common counterarguments against granting universal root access, such as concerns about user error and potential security vulnerabilities. They acknowledge these risks but argue that they should not outweigh the fundamental right to control one's own property. Instead, they propose that education and responsible disclosure of information are more effective approaches than outright restriction. They suggest that fostering a culture of digital literacy and providing users with the knowledge and tools to safely utilize root access is a more sustainable and empowering solution than limiting their control.

  In essence, the blog post champions the idea of digital self-determination, arguing that true ownership entails the right to fully control and modify one's digital devices, including accessing the root level of the system. This right, they argue, is essential for personalization, maintenance, security, and ultimately, for preserving the fundamental principles of ownership in the digital realm.

  • root access
  • superuser
  • system administration
  • unix
  • Linux
  • Security
  • Operating Systems
  • user privileges
  • sudo
  • administrator rights
  • system management
  • right to repair
  • ownership
  • digital rights
  • software freedom
  • user freedom
  • digital rights management

  Summary of Comments ( 258 )
  https://news.ycombinator.com/item?id=42677835

  Verbose tl;dr

  HN users largely agree with the premise that users should have root access to devices they own. Several express frustration with "walled gardens" and the increasing trend of manufacturers restricting user control. Some highlight the security and repairability benefits of root access, citing examples like jailbreaking iPhones to enable security features unavailable in the official iOS. A few more skeptical comments raise concerns about users bricking their devices and the potential for increased malware susceptibility if users lack technical expertise. Others note the conflict between right-to-repair legislation and software licensing agreements. A recurring theme is the desire for modular devices that allow component replacement and OS customization without voiding warranties.

  The Hacker News post "Right to root access" (https://news.ycombinator.com/item?id=42677835) sparked a discussion with a moderate number of comments, mostly focusing on the practicality and implications of the proposed "right to root access" on personal devices.

  Several commenters questioned the feasibility and potential consequences of such a right. One commenter argued that allowing root access would necessitate a significant redesign of operating systems and applications, leading to increased complexity and potentially reduced security. They highlighted the current model where users choose between convenience and security, suggesting that mandated root access might force a compromise on one or the other.

  The discussion also touched upon the potential for misuse and the difficulty of balancing user freedom with security concerns. One commenter expressed skepticism about the average user's ability to manage root access responsibly, suggesting it could lead to increased vulnerability to malware and other threats. Another raised concerns about the implications for digital rights management (DRM) and the potential conflict with copyright holders.

  Some commenters drew parallels to the "right to repair" movement, arguing that root access is a similar concept applied to software. They emphasized the importance of user control over their own devices and the ability to modify or repair them as needed.

  A more technical discussion emerged regarding the distinction between "root access" and "administrator access," with one commenter clarifying that the author likely meant administrator access. This highlighted a potential ambiguity in the original article's terminology.

  The potential impact on software development was also discussed. One commenter speculated that granting users root access could lead to a shift in software development practices, potentially leading to more modular and customizable systems.

  Finally, some comments expressed support for the general idea of greater user control, but acknowledged the significant challenges in implementing such a right in a practical and secure manner. The overall sentiment seemed to be one of cautious interest, with many acknowledging the theoretical appeal while also recognizing the potential downsides and complexities.