Warning: Some posts on this platform may contain adult material intended for mature audiences only. Viewer discretion is advised. By clicking ‘Continue’, you confirm that you are 18 years or older and consent to viewing explicit content.
I’ve been using sudo-rs as a drop-in replacement for sudo, it works well. The codebase is like 1/5 of the size, it drops some of the crazier features of sudo, extremely minimal dependencies, and it’s all written in memory-safe rust. NixOS also has an option for setting the sudo binary to be executable by wheel only, so the attack surface is very small.
I’ve been using sudo-rs as a drop-in replacement for sudo, it works well. The codebase is like 1/5 of the size, it drops some of the crazier features of sudo, extremely minimal dependencies, and it’s all written in memory-safe rust. NixOS also has an option for setting the sudo binary to be executable by wheel only, so the attack surface is very small.
https://www.memorysafety.org/initiative/sudo-su/ https://github.com/memorysafety/sudo-rs https://search.nixos.org/options?channel=24.05&size=50&sort=relevance&type=packages&query=sudo-rs