I see people talking about doas saying it’s just like sudo but with less features. I’m just wondering if there is any situation where you should use doas or if it’s just personal preference.

  • billgamesh@lemmy.ml
    link
    fedilink
    arrow-up
    4
    ·
    7 months ago

    I mean, that’s one of the things that definitely needs permissions, right? You’re overwriting system config and executables for all users on your system. Otherwise a malicious actor could just replace firewall configs, or embed malicious code into your executables. If not /bin and /etc what else should need privileges?

    • Pantherina@feddit.de
      link
      fedilink
      arrow-up
      4
      ·
      7 months ago

      On a mutable distro maybe but also no. You need to update your system, always. The updates come from the distro, and you only invoke your privileged package manager to do these changes for you. Its not privileged.

      If a malicious actor is able to replace package repos that your package manager uses, for example an infected server in the same network, this would be the only way to inject arbitrary stuff by using dnf update or rpm-ostree update.

      Installing software and updating the already existing is very different.