Would doas be more secure to use than sudo?

It is argued that sudo has become a large (and bloated) program over the years. And as its code has grown, the probability and the reality of exploits being found has only increased.

This video back a year ago mentions one of the latest security vulnerabilities in sudo’s code. And it suggests the use of doas command for assuming administrator privileges.

doas is advertised as having 95% of sudo’s features yet having a much more minimal codebase (source: $ apt show doas). So, would using doas provide security benefits to QubesOS users? Could doas be the default way of achieving admin priv’s in dom0 within QubesOS in the near future?

doas isnt available for Fedora 32, current dom0.
It’s good in templates and qubes, though.
I havent seen any evaluation of the code.

1 Like

Let’s say doas becomes available in Fedora of choice of dom0. Would it be an easy process to migrate to doas? Or, do the existing setup and maintenance scripts of QubesOS require sudo-specific functionalities?