Sudo had many vulnerabilities in past some of them unpached for years and it is bloated with unnecessary functionality that increases the attack surface. Doas is more secure and minimalist for example. Not an expert to say if Ubuntu approach is correct but I appreciate their effort.
Ubuntu is a corporate/popular distro. It wouldn’t make much sense to move to do as when it lacks much of the functionality of sudo and isnt in a memory safe language, which is Ubuntu’s goal with replacing user space software with Rust.
because new shiny things are more secure than proven things
Sudo had many vulnerabilities in past some of them unpached for years and it is bloated with unnecessary functionality that increases the attack surface. Doas is more secure and minimalist for example. Not an expert to say if Ubuntu approach is correct but I appreciate their effort.
i don’t think sudo is perfect either but doas already exists, surely they could use that??
Ubuntu is a corporate/popular distro. It wouldn’t make much sense to move to do as when it lacks much of the functionality of sudo and isnt in a memory safe language, which is Ubuntu’s goal with replacing user space software with Rust.