this post was submitted on 01 Jul 2023
4 points (100.0% liked)

linuxmasterrace

2051 readers
1 users here now

A community for Linux enthusiasts.

May your htop stats be low and your beard grow long

Welcome to !linuxmasterrace@feddit.de former r/linuxmasterrace members and existing Lemmyverse citizens: Feel free to join the newly created !linuxmasterrace@feddit.de community.

Let’s make the full transition to the decentralized Fediverse!

founded 1 year ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] zicrons@sopuli.xyz 2 points 1 year ago (1 children)

It is a much simpler program than sudo. A simpler and less complicated implementation means less vulnerabilities.

sudo had some serious vulnerabilities in the past: https://www.helpnetsecurity.com/2021/01/27/cve-2021-3156/

[–] blackstrat@lemmy.fwgx.uk 1 points 1 year ago* (last edited 1 year ago) (2 children)

Can you actually remove sudo from a system without breaking stuff? I can image there's some stuff, scripts etc that depends on it. Unless you can alias it away?

[–] Redjard@lemmy.dbzer0.com 2 points 1 year ago

Used doas for about 4 years now and never had an issue like that. The default config passes environment variables differently to sudo, but after I added the correct setting for that to doas.conf it has been identical to sudo in everything.

If it caused issues for you you could link sudo to doas in bin, no script should ever use sudo -i right?

[–] zicrons@sopuli.xyz 1 points 1 year ago

I use my Linux system without sudo, it does break some (badly written) scripts. You can fix it by either creating a symlink in your path or replacing sudo to doas on those scripts.

But I rarely encounter these issues. Usually system applications won't be affecting by a missing sudo binary, as their privileges are typically managed by polkit or similar.