I reviewed rust-sudo-rs 0.2.5-5ubuntu2 as checked into questing. This shouldn't
be
considered a full audit but rather a quick gauge of maintainability.
rust-sudo-rs is a re-implementation of sudo and su written in Rust.
- CVE History
- The package has only 3 CVEs.
- 1 CVE has been fixed in version 0.2.0
- 2 CVEs have been fixed in version 0.2.6. Latest version we have is 0.2.5.
I recommend upgrading in devel to 0.2.6 or 0.2.7 since it also comes with
an apparmor profile feature.
- Build-Depends
- debhelper-compat (= 13)
- dh-sequence-cargo
- libpam-dev
- pandoc [!i386]
- cargo:native
- rustc:native (>= 1.70)
- libstd-rust-dev
- and vendored packages:
- diff@0.1.13
- glob@0.3.2
- libc@0.2.171
- log@0.4.27
- pretty_assertions@1.4.1
- yansi@1.0.1
- pre/post inst/rm scripts
- ok
- init scripts
- no flaws found
- systemd units
- none
- dbus services
- none
- setuid binaries
- no flaws found
- binaries in PATH
- su, sudo, and visudo
- sudo fragments
- no flaws found
- polkit files
- none
- udev rules
- none
- unit tests / autopkgtests
- it has tests and run at build time.
- cron jobs
- none
- Build logs
- no flaws found
- Processes spawned
- no flaws found
- Memory management
- no flaws found
- File IO
- no flaws found
- Logging
- no flaws found
- Environment variable usage
- no flaws found
- Use of privileged functions
- no flaws found
- Use of cryptography / random number sources etc
- no flaws found
- Use of temp files
- no flaws found
- Use of networking
- none
- Use of WebKit
- none
- Use of PolicyKit
- none
- Any significant cppcheck results
- none
- Any significant Coverity results
- none (coverty does not suppport rust)
- Any significant shellcheck results
- none
- Any significant bandit results
- none
- Any significant govulncheck results
- none
- Any significant Semgrep results
- none
The latest version we have is 0.2.5. This version does not support NOEXEC
and sudo edit.
Version 0.2.6+ has a cargo feature to enable an AppArmor profile and supports
NOEXEC. We might want to enable that feature for future releases when
building the deb pkg. Version 0.2.6 also fixes two low CVEs.
Upstream maintains a list of relevant CVEs that affected sudo in the past,
and double-check that sudo-rs is not affected when implementing new features.
https://github.com/trifectatechfoundation/sudo-rs/blob/main/docs/sudo-cve.md.
They update the list when they introduce new features.
Upstream recently performed an external code audit:
https://github.com/trifectatechfoundation/sudo-rs/blob/main/docs/audit/audit-report-sudo-rs.pdf
Upstream has a SECURITY.md with proper information on how to contact them if
you need to report a security issue. We reached out to them to discuss
something that caught our attention, and they replied in about 1 hour.
This was a bug related to NOEXEC and sudo --list, which has been addressed
promptly.
The edit flag (-e) has not been implemented.:
e.g.:
$ sudo-rs -e /test
error: `--edit` flag has not yet been implemented
When installing it on Questing, I did not have the smoothest experience:
$ sudo apt install sudo-rs
Solving dependencies... Error!
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help to resolve the situation:
Unsatisfied dependencies:
sudo-rs : Breaks: sudo (< 1.9.16p2-1ubuntu2~)
Error: Unable to satisfy dependencies. Reached two conflicting decisions:
1. ubuntu-minimal:amd64 is selected for install
2. ubuntu-minimal:amd64 Depends sudo
but none of the choices are installable:
- sudo:amd64=1.9.16p2-1ubuntu1 is not selected for install because:
1. sudo-rs:amd64=0.2.5-5ubuntu1 is selected for install
2. sudo-rs:amd64 Breaks sudo (< 1.9.16p2-1ubuntu2~)
- sudo-ldap:amd64=1.9.16p2-1ubuntu1 is not selected for install because:
1. sudo-rs:amd64=0.2.5-5ubuntu1 is selected for install as above
2. sudo-rs:amd64 Breaks sudo-ldap (< 1.9.16p2-1ubuntu2~)
Security team ACK for promoting rust-sudo-rs to main. We recommend upgrading
to the latest upstream version to fix 2 CVEs and gain the NOEXEC feature, and
the apparmor feature.
** Changed in: rust-sudo-rs (Ubuntu)
Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2113928
Title:
[MIR] rust-sudo-rs
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/rust-sudo-rs/+bug/2113928/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
