Ubuntu Is Swapping Out Sudo for a More Secure, Rust-Based Version

Renowned operating system developer Canonical has announced that the upcoming Ubuntu 25.10 release will replace the long-standing default sudo utility with sudo-rs, a reimplementation written in the Rust programming language. This transition will also extend to the forthcoming Ubuntu 26.04 LTS, where the migration will be fully completed.

Ubuntu 25.10 Questing Quokka is scheduled for release on October 9, 2025. The codename carries layered meaning: Questing reflects exploration and pursuit, while Quokka refers to the short-tailed marsupial native to Australia, symbolizing both Canonical’s ongoing development journey and drawing attention to a species currently under ecological threat.

Built in Rust, sudo-rs aims to deliver enhanced security and improved performance compared to its predecessor, eliminating many of the memory management vulnerabilities traditionally associated with C-based utilities. Canonical reports that the sudo-rs team has already finalized essential features ahead of the 25.10 release. These include support for the NOEXEC option, which prevents privileged processes from spawning child processes, and integration with AppArmor profiles, leveraging the Linux Kernel’s security framework to impose stricter process-level restrictions.

Importantly, sudo-rs maintains compatibility with older Linux kernel versions, including 5.9 and earlier, ensuring broad applicability across diverse environments. The development roadmap now focuses on expanding functionality to achieve full feature parity with the original sudo before its complete replacement.

Canonical has further confirmed that Ubuntu 26.10 LTS will also adopt sudo-rs as the default privilege escalation utility. For now, users of daily builds can still revert to the legacy sudo using the following commands:

# Interactive selection
update-alternatives --config sudo  

# Non-interactive switch  
update-alternatives --set sudo /usr/bin/sudo.ws  

Related Posts:

• Microsoft released the PowerShell Core that support MacOS/Linux OS
• Rust Lands in Windows 11 Kernel: A New Era for OS Security?
• Major npm flaw crashes Linux Systems, force users to reinstall

Support Our Threat Intelligence

If you find our CVE report and cybersecurity news helpful, consider supporting our work.

Buy Me a Coffee PayPal

Crypto

USDT (TRC20):

TN8BdV8cp4T1Cd28gK9qTAnZknzzuwyUtm Copy

USDT (ERC20):

0x3725e1a7d3bc5765499fa6aaafe307fabcd75bce Copy

Do Son

Do Son (aka Ddos) is a seasoned news reporter, bringing over a decade of expertise to the forefront of cyber security and technology reporting. My work provides timely and insightful analysis of emerging trends and critical developments in these rapidly evolving sectors.