Privilege boundary
Supporters & funders
Past supporters & funders
Utilities like sudo mediate a critical privilege boundaries on almost every open-source operating system that powers the Internet.
The Privilege Boundary initiative provides alternative that don't suffer from memory safety vulnerabilities and are designed to minimize attack surface.
What We've Done
Our sudo implemention, sudo-rs was first released on Aug 29, 2023. It has since been packaged for Debian, Fedora and Ubuntu. In October 2025, sudo-rs became the default sudo in Ubuntu 25.10.
In late 2025, we started work on a proof-of-concept SSH server implementation in Rust.
Roadmap
See the sudo-rs, allowd and SSH server project pages.
Blog and news
-
Canonical releases Ubuntu 25.10 with sudo-rs as the default sudo
Canonical announced the release of Ubuntu 25.10, codenamed "Questing Quokka". The introduction of Trifecta Tech Foundation's memory-safe sudo delivers many benefits compared to the traditional implementation. For users, a reduced attack surface in the sudo tool will improve Ubuntu’s overall security posture.
Read more ... -
Frequently Asked Questions about sudo-rs
With sudo-rs coming to Ubuntu 25.10, the core team has collected and published the Frequently Asked Questions about sudo-rs. They will be updated if user curiosity calls for it.
Read more ... -
Memory-safe sudo to become the default in Ubuntu
May 6, 2025 – Ubuntu 25.10 is set to adopt sudo-rs by default. Sudo-rs is a memory-safe reimplementation of the widely-used sudo utility, written in the Rust programming language.
Read more ... -
A new home for memory safe sudo/su
Today we're pleased to announce that an open source memory safe implementation of sudo/su — sudo-rs — has a new long-term home at the Trifecta Tech Foundation.
Read more ... -
Providing official Fedora Linux RPM packages for ntpd-rs and sudo-rs
Memory safe NTP and sudo are now in Fedora Linux.
Read more ... -
Sudo-rs dependencies: when less is better
Trifecta Tech Foundation maintainer Ruben Nijveld offers his perspective here on one of the greatest challenges we faced when developing software that can be widely adopted: Rust crate dependencies.
Read more ... -
Testing sudo-rs and improving sudo along the way
Faced with the task of re-implementing sudo, one of the questions that came up early on was: how do we verify that sudo-rs behaves just like the original sudo?
Read more ... -
Re-implementing Sudo in Rust
A drop-in replacement for all common modern use cases of sudo.
Read more ... -
Two core Unix-like utilities, sudo and su, are getting rewrites in Rust
Two of the most fundamental tools of the modern Unix-like command line, sudo and su, are being rewritten in the modern language Rust as part of a wider effort to get critical but aging infrastructure pieces replaced by memory-safe counterparts.
Read more ...