allow using doas instead of sudo
sudo has its fair share of CVEs and privilege escalation vulnerabilities. OpenBSD doas is an alternative that's sometimes preferred and is believed to be safer. Note doas made its way into Alpine main repo, just like sudo.
Alpine devs don't seem to be fond of sudo. Here are excerpts from #alpine-devel. This is not to be alarmist. I think sudo will probably stay around for some time.
2021-01-26 18:24:58 <jvoisin> https://www.sudo.ws/alerts/unescape_overflow.html
2021-01-26 18:25:01 <jvoisin> https://www.openwall.com/lists/oss-security/2021/01/26/3
2021-01-26 18:26:16 <ikke> ouch
2021-01-26 18:27:02 <jvoisin> don't use sudo :/
2021-01-26 18:27:21 <ikke> I'm switching to doas
[…]
2021-01-26 19:04:20 <ikke> fun times
2021-01-26 19:05:55 <ikke> maybe it's time to demote sudo to community :-)
[…]
2021-01-26 21:55:59 <ddevault> I wrote this on the subject of doas vs sudo: https://paste.sr.ht/~sircmpwn/c6478737cfb459f84e22737f45cd0b6912e52055
[…]
2021-01-26 23:24:13 <Ariadne> ddevault: i think it would be good to deprecate sudo in alpine
Another month:
2021-06-11 06:02:49 <mps> mine (and not only mine) observation 'at work'. simpler systems/things are more secure than complicated ones
[…]
2021-06-11 06:25:34 <ncopa> mps: indeed. thats why i prefer doas over sudo
later that month
2021-06-29 20:50:49 <c705> So when will sudo be removed?
2021-06-29 20:50:54 <ikke> c705: yesterday
2021-06-29 20:51:11 <Ariadne> i mean, i would like sudo to be removed :D
2021-06-29 20:51:15 <MathGeniusJodie> same
2021-06-29 20:51:34 <c705> these are nice ideas, but I don't have alternatives
2021-06-29 20:51:43 <Ariadne> you literally do with sudo
2021-06-29 20:51:46 <Ariadne> it is called `doas`
tl;dr: sudo bad.
We can provide a choice at run time. For example, abuild has some operations that need root; the usual recommended trick is `SUDO=doas abuild …`. See https://gitlab.alpinelinux.org/alpine/abuild/-/blob/master/abuild-keygen.in#L11. We can probably use a similar trick for pmbootstrap.
Providing an alternative to sudo would be good. The further step would be not needing root at all for most operations, and that would solve this issue too. See #2052 for the follow-up.
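
One way a script could offer the run-time choice described above, as an added example that is not abuild's or pmbootstrap's code: the function names `pick_priv_cmd` and `as_root` and the doas/sudo allowlist are assumptions. It honours `SUDO` the way the `SUDO=doas abuild …` trick does, but refuses any value other than the two known helpers instead of executing whatever the variable contains.

```shell
#!/bin/sh
# Added example: pick the privilege-escalation helper at run time.
# pick_priv_cmd, as_root and the allowlist are hypothetical names/choices.

# Print the helper to use. $1 is the caller's request (e.g. "$SUDO"), may be empty.
# Returns 2 for a value outside the allowlist, 3 if the requested helper
# is not installed, 1 if no helper exists at all.
pick_priv_cmd() {
    requested=$1
    if [ -n "$requested" ]; then
        # Only bare helper names are accepted: no paths, no arguments.
        case "$requested" in
            doas|sudo) ;;
            *) echo "refusing unknown helper: $requested" >&2; return 2 ;;
        esac
        if ! command -v "$requested" >/dev/null 2>&1; then
            echo "requested helper not installed: $requested" >&2
            return 3
        fi
        printf '%s\n' "$requested"
        return 0
    fi
    # No explicit request: prefer doas, fall back to sudo.
    for candidate in doas sudo; do
        if command -v "$candidate" >/dev/null 2>&1; then
            printf '%s\n' "$candidate"
            return 0
        fi
    done
    echo "neither doas nor sudo found" >&2
    return 1
}

# Run "$@" as root. When already root, no helper is involved at all.
as_root() {
    if [ "$(id -u)" -eq 0 ]; then
        "$@"
        return
    fi
    helper=$(pick_priv_cmd "${SUDO:-}") || return
    "$helper" "$@"
}
```

A caller would write `as_root apk add foo` and the user would select the helper with `SUDO=doas` or `SUDO=sudo` in the environment.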