On Mon, Jul 27, 2015 at 02:55:34PM +0300, Gregory Edigarov wrote: > Thanks for showing that to me, Marc. Will think on how to implement that in > a more secure way. I think I need to add a token based check? Correct?
I don't think you get what I'm saying. I don't think there's any way to implement that such that it would be: - secure, - simple. thus, I don't think it belongs in doas. This is what sthen@ is also trying to tell you. We removed sudo from the base tree for a main reason: excessive complexity.
