
The cross-platform port of doas, opendoas, has a persist feature that basically caches the user's password so they don't have to enter it repeatedly. It seems like many people consider this insecure.

As I understand it, BSD has some fancy kernel feature to do persistence securely. Linux does not, hence opendoas reimplements its own persistence. It uses an approach similar to sudo (which AFAIK creates files and relies on Linux permissions to keep the cache file from being manipulated).

How is this any worse than sudo? If it uses the same persistence mechanism as sudo, doesn't that still mean doas has all the advantages that it would without persistence, minus the very minor one related to persistence?

Artimithe55
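The question turns on the cache being protected only by file ownership and permissions, which can be checked on a given host. This is an added example, not part of the original post and not code from opendoas or sudo; the default directory paths are assumptions that vary by build and distribution, and the script needs root to read the real directories.

```python
import os
import stat
import sys


def _check(path, st, expected_uid):
    """Flag wrong ownership or any group/other permission bit."""
    out = []
    if st.st_uid != expected_uid:
        out.append(f"{path}: owned by uid {st.st_uid}, expected {expected_uid}")
    if st.st_mode & (stat.S_IRWXG | stat.S_IRWXO):
        out.append(f"{path}: group/other bits set ({stat.S_IMODE(st.st_mode):04o})")
    return out


def audit_timestamp_dir(path, expected_uid=0):
    """Return findings for a credential-cache (timestamp) directory."""
    try:
        st = os.lstat(path)  # lstat: do not follow a symlink planted at the path
    except FileNotFoundError:
        return []  # no cache directory, nothing to audit
    if not stat.S_ISDIR(st.st_mode):
        return [f"{path}: not a real directory"]
    findings = _check(path, st, expected_uid)
    try:
        names = sorted(os.listdir(path))
    except PermissionError:
        return findings + [f"{path}: cannot list, run as root"]
    for name in names:
        entry = os.path.join(path, name)
        est = os.lstat(entry)
        if not stat.S_ISREG(est.st_mode):
            findings.append(f"{entry}: not a regular file")
        else:
            findings += _check(entry, est, expected_uid)
    return findings


if __name__ == "__main__":
    # Assumed default locations; pass the real ones for your build as arguments.
    for d in sys.argv[1:] or ["/run/doas", "/run/sudo/ts"]:
        for finding in audit_timestamp_dir(d):
            print(finding)
```

An empty result means every entry is owned by the expected user and closed to group and other, which is the property the file-based cache depends on.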

0 Answers