2015-07-21 10:56 GMT+02:00 Theo de Raadt <[email protected]>: >> Ability to define alias in the doas config file might be nice. Just >> like ssh with the ssh_config file. > > I have always wanted a .lsrc file, which would allow me to override > the special options for ls, as well. That's kind of what you are > talking about, right? > > No, I think you are serious. > > And so let's say code is written to support an alias. And let's > say it has a bug. It runs as setuid root. > > Do you understand what happens next? > > If you want software to do everything, eventually it will do everything > including what you cannot afford. >
To be honest, I haven't thought about what would happen if there is a bug. The idea was to allow a set of key which would be replaced with another value. Nothing more. I would call 'doas pkg' and doas would work with /usr/sbin/pkg_add instead of pkg. But it is a better idea to let the job of expand value to the shell. Less code running with setuid root, the better. Thanks for correcting me.
