may I humbly suggest the addition of an alias switch in the doas command. It would serve to shorten the command into something shorter and perhaps more memorable. I don’t think there are security implications as such but I’m no expert on security. I think it’s neater to have this functoinality tied to the doas.conf file.
I don’t think this complicates the simple design of doas. It can add a lot to the usability experience though. The alias name could serve as a self documenting name of the custom intention as defined by the administrator and executed by the user.
An aside: is it possible to configure a doas.conf rule that ignores additional switches added at the command line? I’m not seeing it in the man page for doas.conf. doas.conf states that having an empty args option would satisfy the requirement:
> args [argument ...]
Arguments to command. The command arguments provided by the
user need to match those specified. The keyword args alone
means that command must be run without any arguments.
On the other hand, doas man page doesn’t have an entry defining what happens when [args] are specified: