On 27/08/15 19:08, Theo de Raadt wrote:

doas is one of the few setuid programs.  It should try to do a
little bit less functionality, because "doing less" is part of the
security model.

How many users of that functionality will there be?

We only need to concern ourselves with the cost; you have to justify
the benefit.  How many people were doing this with sudo, and how many
will need this with doas?

While I understand it's a good idea to limit the possibilities of setuid programs, this patch is not an overly complicated piece of code which does network stuff or interacts with something the original program doesn't already use. Estimating the number of users who use the feature is quite hard, but I think many people using a YubiKey use that feature at some point.
