Ubuntu Linux swapping classic sudo for Rust-powered sudo-rs


Canonical is making a huge change in Ubuntu that longtime Linux users might not expect (or like). You see, beginning with the upcoming Ubuntu 25.10, the popular Linux distribution will begin the process of ditching the classic sudo tool in favor of a modern reimagining called sudo-rs. This change is more than a simple code swap -- it’s a sea change in how privilege escalation is handled on Linux, with a clear focus on security and long-term sustainability.
So what exactly is sudo-rs? Well, as the name implies, it’s a new implementation of the familiar sudo command, but this version is written entirely in Rust -- a programming language known for its strict memory safety and reliability. If you’re worried about compatibility, don’t panic; sudo-rs is designed as a drop-in replacement for the original. For most users, it will just work.
That being said, sudo-rs isn’t trying to replicate every obscure corner of the original. Some niche features might be left behind, particularly if they’re seen as outdated or rarely used. The goal here isn’t to recreate the past -- it’s to move Linux infrastructure forward.
Canonical isn’t rushing this, thankfully. The 25.10 release is a proving ground, and not a permanent lock-in. Feedback will be gathered, bugs squashed, and the original sudo will still be available for those who want or need it. If all goes well, the plan is to make sudo-rs the standard in Ubuntu 26.04 LTS.
But that’s not the only Rust-based overhaul coming to Ubuntu. Canonical is also working on replacing GNU coreutils with uutils coreutils -- another Rust project. Core utilities like ls, cp, and mv are getting a Rust rewrite too, with support for SELinux and proper internationalization in the pipeline. These changes shouldn’t break workflows. And don’t worry, Ubuntu will offer packages that make it easy to switch back to the old versions if needed.
Believe it or not, Canonical is even exploring switching out GnuPG for SequoiaPGP -- a Rust-based OpenPGP implementation that sticks to the spec, unlike GnuPG, which recently forked away from the standard. That’s still in the exploratory phase, but it gives you a sense of where Ubuntu is heading: toward a future where memory safety is baked in at the system level.
To be clear, this doesn’t mean C is being tossed in the trash. Canonical isn’t rewriting the entire operating system. But when it comes to tools that sit at the heart of Linux (especially those with root access) it’s clear the company wants safer, more sustainable code powering those components. And rightfully so.
Canonical is clearly sending a message with these changes: the future of Linux infrastructure should be safer, smarter, and built with modern tools. Whether the rest of the Linux world follows suit remains to be seen.