In lieu of recent CVEs: When can we expect
by @mwlucas to arrive?
Maybe in a similar fashion like `ed(1)` Mastery?
I'm afraid that tedu's bootlegged "doas Mastery" has ruined the market.
@MacLemon @mwlucas is doas significantly lower attack surface? I’ve also seen please (RIiR) https://lib.rs/crates/pleaser which is regex based. That’s a plus for me but likely not for many other people.
Doas definitely presents a smaller attack surface than anything with regexes.
@dch @MacLemon @mwlucas it doesn't (and will never) support PAM. So uhm, yes.
@florian @MacLemon aaah yes the giant security hole of PAM....
Perhaps anything large enough for @mwlucas to write a book about is almost certainly untrustworthy?
- OS [x]- network [x]- DNS [x]- orcs [x]- BSDcan [x]- git [x]...
@dch @florian @MacLemon
Orcs are entirely trustworthy. In their orcish way. They behave according to the spec.
chaos.social – a Fediverse instance for & by the Chaos community