On 09/19/15 23:58, Ted Unangst wrote:
> Martijn van Duren wrote:
>> Hello tech@,
>>
>> The following patch adds $PATH resolving to doas. This has two advantages:
>> 1) People are forced to configure doas with a full path, which makes
>> sure that applications can't be spoofed by users changing their $PATH to
>> a writeable location and making copies of other (potentially dangerous)
>> binaries to said directories.
>> 2) People who were already using full paths in doas.conf(5) are now
>> allowed to run `shutdown` as a simple `shutdown` instead of typing
>> `/sbin/shutdown` every time.
>
> I don't see what problem this solves. If users are restricted to particular
> commands, doas already enforces that they be in a system path. On the other
> hand, this diff seems to make configuration harder and more fickle.

The solution is so elegant I've overlooked it. I guess I'm still a
little too much in the sudo mindset.
Sorry for the noise.
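
The point settled in this thread, as an added example that is not part of the original messages and is not doas's own code: a bare command name resolved through the caller's $PATH can land on a look-alike in a user-writable directory, while resolving it against a fixed system path cannot. The sandbox directories, the `demo-shutdown` name, and the `SAFE_PATH`, `resolve` and `run_restricted` names are all constructed for illustration.

```shell
#!/bin/sh
# Constructed sandbox: "sysbin" stands in for a system directory such as /sbin,
# "userbin" for a user-writable directory that the caller put first in $PATH.
sandbox=$(mktemp -d)
trap 'rm -rf "$sandbox"' EXIT
mkdir "$sandbox/sysbin" "$sandbox/userbin"
printf '#!/bin/sh\necho system\n'    > "$sandbox/sysbin/demo-shutdown"
printf '#!/bin/sh\necho lookalike\n' > "$sandbox/userbin/demo-shutdown"
chmod +x "$sandbox/sysbin/demo-shutdown" "$sandbox/userbin/demo-shutdown"

SAFE_PATH="$sandbox/sysbin"               # hypothetical fixed search path
USER_PATH="$sandbox/userbin:$SAFE_PATH"   # caller-controlled search path

# resolve NAME SEARCHPATH: print the file a PATH lookup of NAME would execute.
resolve() {
    case $1 in
        */*) printf '%s\n' "$1"; return 0 ;;   # contains a slash: no lookup
    esac
    # Subshell so the caller's PATH is left untouched.
    ( PATH=$2; command -v "$1" )
}

# run_restricted NAME: resolve only against SAFE_PATH, whatever the
# caller's $PATH says, then execute the result by its full path.
run_restricted() {
    target=$(resolve "$1" "$SAFE_PATH") || return 1
    "$target"
}

echo "caller PATH -> $(resolve demo-shutdown "$USER_PATH")"
echo "fixed PATH  -> $(resolve demo-shutdown "$SAFE_PATH")"
```
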