Re: Yet Another New systemd Feature

Liste des GroupesRevenir à col misc 
Sujet : Re: Yet Another New systemd Feature
De : mh+usenetspam1118 (at) *nospam* zugschl.us (Marc Haber)
Groupes : comp.os.linux.misc
Date : 07. May 2024, 20:59:22
Autres entêtes
Organisation : private site, see http://www.zugschlus.de/ for details
Message-ID : <v1e16r$1jc7c$1@news1.tnib.de>
References : 1 2 3 4 5 6
User-Agent : Forte Agent 6.00/32.1186
D <nospam@example.net> wrote:
Since you are the expert witness... what is the point of OpenBSD:s doas
instead of sudo? If the two were to battle to the death with the lirpa,
which one would win?

runas is much simpler and thus has less attack surface. Sudo has a
complex parser of a historically grown configuration file format, a
plugin interface. I'd rather not have that in a suid root binary.

When I took over sudo maintenance in Debian, I was strongly
considering to migrate my own systems to doas because of the smaller
attack surface, but than decided that I need to eat my own dog food
and stayed with sudo.

Greetings
Marc
--
----------------------------------------------------------------------------
Marc Haber         |   " Questions are the         | Mailadresse im Header
Rhein-Neckar, DE   |     Beginning of Wisdom "     |
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 6224 1600402

Date Sujet#  Auteur
7 May 24 * Re: Yet Another New systemd Feature5Fritz Wuehler
7 May 24 `* Re: Yet Another New systemd Feature4Marc Haber
7 May 24  `* Re: Yet Another New systemd Feature3D
7 May 24   `* Re: Yet Another New systemd Feature2Marc Haber
8 May 24    `- Re: Yet Another New systemd Feature1D

Haut de la page

Les messages affichés proviennent d'usenet.

NewsPortal