Not much, just says sudo-rs instead of sudo, and it’s memory safe. I think there might be some missing features for really advanced multi-tenant setups, but for single user machines, it’s the perfect successor to sudo.
nixos also supports giving the sudo binary a setuid flag that only allows members of the wheel group to use sudo, preventing any privilege escalation attacks from your services/servers.
What’s the difference from your normal
sudo?I can actually read the code
Not much, just says sudo-rs instead of sudo, and it’s memory safe. I think there might be some missing features for really advanced multi-tenant setups, but for single user machines, it’s the perfect successor to sudo.
nixos also supports giving the sudo binary a setuid flag that only allows members of the wheel group to use sudo, preventing any privilege escalation attacks from your services/servers.