postmarketOSWe're reverting back from doas to sudo, this time choosing sudo-rs as our implementation.
Read our latest blog post for our reasoning.
https://postmarketos.org/edge/2026/03/18/sudo-rs-instead-of-doas/
sarah tonin 
@postmarketOS leaving doas for sudo-rs for security is a bit of a wild take
sudo-rs is the least secure of the three, as of this moment
princess pancake 
@natty @postmarketOS sudo-rs is new and doesn't have the history of bugfixes of sudo, and doas is much simpler in design than either of the two others, therefore having a smaller and more straightforward codebase
even without any vulnerability, a sudo implementation will always be less secure than something like doas, as the config format is significantly more complex, and therefore more prone to user errors
witch_t *navi@natty @postmarketOS @SRAZKVT
sudo itself is wildly complex, with a huge machinery for policy decision making, sudo-rs is that, but with fresh untested code
doas is so simple there's not a lot of places for really bad bugs to happen
though the truly "secure" solution is something that isn't setuid, skarnet's sudod or ariadne's capsudo likely fair better, but they're also relatively newer projects compared to doas
sudo itself is wildly complex, with a huge machinery for policy decision making, sudo-rs is that, but with fresh untested code
doas is so simple there's not a lot of places for really bad bugs to happen
though the truly "secure" solution is something that isn't setuid, skarnet's sudod or ariadne's capsudo likely fair better, but they're also relatively newer projects compared to doas
LisPi