OpenDoas
nomicon
OpenDoas | nomicon | |
---|---|---|
29 | 87 | |
600 | 1,693 | |
- | 2.2% | |
0.0 | 5.6 | |
about 2 months ago | 29 days ago | |
C | CSS | |
GNU General Public License v3.0 or later | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
OpenDoas
-
A simple guide for configuring sudo and doas
Aditionally,because doas was developed for OpenBSD,it also retains some of its quirks,like how user-installed executables are stored in /usr/local/bin,in contrast to /usr/bin where Linux stores them. As a result,doas can have problems on Linux so the following workaround can be used:
-
The First Stable Release of a Rust-Rewrite Sudo Implementation
https://github.com/Duncaen/OpenDoas/issues/106
That's a pretty severe unsolved security issue.
-
Doas โ dedicated OpenBSD application subexecutor
2. https://github.com/Duncaen/OpenDoas/blob/master/timestamp.c
-
Testing the memory safe Rust implementation of Sudo/Su
If you want to move away from Sudo, but don't want to try this rust implementation just yet, I have had great success with OpenBSD's doas. It has been ported to every Linux distro I know of as well:
https://github.com/Duncaen/OpenDoas
-
Doas Mastery (2019)
There are, at both ends. Both the "script kiddies" who cannot deviate from scripts because they lack almost any knowledge at all; and the knowledgeable ones who know that there are subtle differences between sudo and doas which require doing things slightly differently to achieve the same effect.
* https://github.com/Duncaen/OpenDoas/issues/116#issuecomment-...
-
Help me on gentoo
Doas makes more in openbsd world In linux there are many api that need to be changed for porting, i'm no expert but the port might be flawed as not many developers has checked the codebase And how can you explain this vulnerability https://github.com/Duncaen/OpenDoas/issues/106
-
Linux users who are paranoid about security.... what's your opinion about OpenBSD?
Personally I'd prefer running Qubes OS, if only my device would have been more powerful. Currently I'm on Fedora Silverblue as I believe it provides a decent middle-ground in which I'm more secure than almost any other Linux distro while not losing any (meaningful) functionality. I do make use of doas and other technologies inspired from OpenBSD to further enhance the security.
-
Sudo and Su Being Rewritten in Rust for Memory Safety
Why not port https://github.com/Duncaen/OpenDoas to rust instead?
If the goal is security, then there is more to it than just using a memory safe language. Otherwise the result of this, possibly unwittingly, seems performative.
- Bringing Memory Safety to sudo and su
- Using doas instead of sudo on Debian 11
nomicon
-
[Media] I'm comparing writing a double-linked list in C++ vs with Rust. The Rust implementation looks substantially more complex. Is this a bad example? (URL in the caption)
itโs even written by the same person that wrote the Nomicon (the guide to the dark arts of unsafe)
-
Rust books to read
If you want to dive deeper you can always have other options but now there are concrete cases, if you want to do low level thing https://doc.rust-lang.org/nomicon/ while if you want multi thread/concurrency stuff https://marabos.nl/atomics/ . There are many many books so you will have to point yourself to what you want
-
Thread-shared boolean flag
Nonononono. SeqCst is the most error prone memory order: https://github.com/rust-lang/nomicon/issues/166
-
[Media] Hashmap behaviour inside a loop due to lifetime issue
Hope this helps. For more details, see the Rustonomicon. I referenced the subtyping chapter here extensively.
-
Unsafe Rust
Nice video! Glad I could help out. This stuff is hard, and I'm still learning a lot about it myself even years later. The Rustonomicon is a great read if you haven't already.
-
Stepping up the YAML engineer game
Have you got a moment to read through the good book , after reading through this perhaps try the Rustonomicon.
- Questions about ownership rule
-
CppCon 2022 Best Practices Every C++ Programmer Needs to Follow โ Oz Syed
That is not what UB means. Undefined Behaviour is behaviour that the compiler is allowed to assume will never happen, and which can consequently cause miscompilations due to optimisation passes gone wrong if it does in fact occur in the source code.
It's true that Rust does not have a written specification that clearly delineates what is and isn't UB in a single place. But:
1. UB is impossible in safe code (modulo bugs in unsafe code)
2. There are resources such as the Rustinomicon (https://doc.rust-lang.org/nomicon/) that provide a detailed guide on what is and isn't allowed in unsafe code.
In practice, it's much easier to avoid UB in Rust than it is in C++.
-
How to write deserializer for custom binary protocol?
However, this is a wide topic out of scope for a Reddit comment, so maybe just read the Rustonomicon. It explains everything about data handling in Rust.
-
Performance critical ML: How viable is Rust as an alternative to C++
The ownership model & borrow checker makes rust a bit of an awkward language in which to write complex data structures like trees and graphs. It can be done - since you can always use raw pointers & unsafe code when you absolutely need to to treat rust like C. But the language fights you, and the community can get a bit moralistic about this sort of thing. The rust nomicon is a fantastic resource for learning the limits of the borrow checker, and where and how to use unsafe code correctly. You will need unsafe less than you think you will, but sometimes you will have no choice.
What are some alternatives?
doas - A port of OpenBSD's doas which runs on FreeBSD, Linux, NetBSD, and illumos
book - The Rust Programming Language
runas - An alternative to sudo and doas written in Rust
mdBook - Create book from markdown files. Like Gitbook but implemented in Rust
nixpkgs - Nix Packages collection & NixOS
rust-ffmpeg - Safe FFmpeg wrapper.
bedrocklinux-userland - This tracks development for the things such as scripts and (defaults for) config files for Bedrock Linux
Theseus - Theseus is a modern OS written from scratch in Rust that explores ๐ข๐ง๐ญ๐ซ๐๐ฅ๐ข๐ง๐ ๐ฎ๐๐ฅ ๐๐๐ฌ๐ข๐ ๐ง: closing the semantic gap between compiler and hardware by maximally leveraging the power of language safety and affine types. Theseus aims to shift OS responsibilities like resource management into the compiler.
tako - Run commands as another user
Exercism - website - The codebase for Exercism's website.
koyo - Run commands as another user
miri - An interpreter for Rust's mid-level intermediate representation