> Is there a timeline for the sudo->doas transition? The sudo port could > be imported early, I'd say.
I think we should create the gap, first. I am not positive if doas is exactly the right path replacement. I still wish there was some sort of privsep for the parsing. And about whether this should be built into su (result being one careful setuid binary, rather than two). First versions of it did the authentication dance subtly wrong, that's why I worry about new code doing this. I also don't particularily like Ted's language for doas much; I hear the justifications, but it feels *too basic*. It lacks strong keywords to seperate commands from options like our other DSL's and thus may prove difficult to extend in the future.
