I'm not sure whether this is a misunderstanding on my side or a bug. Suppose I have the following /etc/doas.conf

$ cat /etc/doas.conf
permit nopass theo cmd /usr/bin/touch args /tmp/doastest/foo

I would expect from the excerpt

    as target
        The target user the running user is allowed to run the command as. The default is root.

from doas.conf(5). That I can run

$ /usr/bin/doas /usr/bin/touch /tmp/doastest/foo

and maybe

$ /usr/bin/doas -u root /usr/bin/touch /tmp/doastest/foo

However, I have another user

$ user info builder
login builder
passwd *
uid 1005
groups builder wheel wsrc
change NEVER
class pbuild
gecos builder
dir /nonexistent
shell /sbin/nologin
expire NEVER

And doing the following experiment yielded an unexpected result:

$ pwd
/tmp/doastest
$ ls -al
total 8
drwxrwxrwx 2 theo wheel 512 Jul 27 14:38 .
drwxrwxrwt 10 root wheel 1024 Jul 27 14:30 ..
$ /usr/bin/doas -u builder /usr/bin/touch /tmp/doastest/foo
1832 14:35 doastest $ ls -l
total 0
-rw-r--r-- 1 builder wheel 0 Jul 27 14:35 foo
$

So omitting [as identity] allows me to run as every user, not just as root? Is this intentional?
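An audit sketch for the situation in the message above, added here and not part of the original post or of doas: it lists every permit rule in a doas.conf that has no "as" clause, which is the kind of rule the session above shows being honoured for -u builder. The function names and all sample rules except the first are constructed; the option keywords are those of doas.conf(5), and the parsing is simplified (one rule per line, no backslash continuations).

```python
import shlex

# Option keywords that may sit between the action and the identity.
OPTIONS = {"nopass", "nolog", "persist", "keepenv", "setenv"}


def parse_rule(line):
    """Return (action, identity, target) for a rule line, None for blank/comment lines."""
    # Pad braces so a "setenv { A=b }" list tokenises even when written tightly.
    toks = shlex.split(line.replace("{", " { ").replace("}", " } "), comments=True)
    if not toks:
        return None
    action, i = toks[0], 1
    while i < len(toks) and (toks[i] in OPTIONS or toks[i] == "{"):
        if toks[i] == "{":
            i = toks.index("}", i)  # skip the variable list; ValueError if unclosed
        i += 1
    if action not in ("permit", "deny") or i >= len(toks):
        raise ValueError(f"cannot parse rule: {line!r}")
    identity = toks[i]
    # The target is present only when the token after the identity is "as".
    target = toks[i + 2] if toks[i + 1:i + 2] == ["as"] and i + 2 < len(toks) else None
    return action, identity, target


def rules_without_target(conf_text):
    """List (line number, identity) for permit rules that name no target user."""
    findings = []
    for lineno, line in enumerate(conf_text.splitlines(), 1):
        rule = parse_rule(line)
        if rule and rule[0] == "permit" and rule[2] is None:
            findings.append((lineno, rule[1]))
    return findings


# Line 2 is the rule from the message; the other rules are constructed samples.
SAMPLE_CONF = """\
# constructed sample doas.conf
permit nopass theo cmd /usr/bin/touch args /tmp/doastest/foo
permit nopass theo as root cmd /usr/bin/touch args /tmp/doastest/foo
permit persist setenv { PKG_CACHE=/var/cache } :wheel
deny theo cmd /sbin/reboot
"""

if __name__ == "__main__":
    for lineno, identity in rules_without_target(SAMPLE_CONF):
        print(f"line {lineno}: permit rule for {identity} has no 'as' target")
```

Rules reported here can be pinned to a single account by adding an explicit "as root" (or another target), as in line 3 of the sample.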