Follow

In lieu of recent CVEs: When can we expect

`doas(1)` Mastery

by @mwlucas to arrive?

Maybe in a similar fashion like `ed(1)` Mastery?

@MacLemon what's really funny is Todd Miller, the core author of sudo, is an OpenBSD dev

@MacLemon

I'm afraid that tedu's bootlegged "doas Mastery" has ruined the market.

@MacLemon @mwlucas is doas significantly lower attack surface? I’ve also seen please (RIiR) lib.rs/crates/pleaser which is regex based. That’s a plus for me but likely not for many other people.

@dch @MacLemon

Doas definitely presents a smaller attack surface than anything with regexes.

@dch @MacLemon @mwlucas it doesn't (and will never) support PAM. So uhm, yes.

@florian @MacLemon aaah yes the giant security hole of PAM....

Perhaps anything large enough for @mwlucas to write a book about is almost certainly untrustworthy?

- OS [x]
- network [x]
- DNS [x]
- orcs [x]
- BSDcan [x]
- git [x]
...

@dch @florian @MacLemon

Ahem.

Orcs are entirely trustworthy. In their orcish way. They behave according to the spec.

Sign in to participate in the conversation
chaos.social

chaos.social – a Fediverse instance for & by the Chaos community