A Brief Introduction for sudo alternatives -- doas and polkit
sudo is a commonly used linux command which grants a command with root
permission temporarily. However, as its code is bloated and complicated
settings, it usually happens of misconfiguration, not mention to commonly
reports about vulnerabilities including the latest one .
As a consequence, there are many alternatives of
sudo not only to avoid
security vulnerabilities but also configuration in simplicity.
On famous substitution is
doas. Originated from freeBSD,
doas aims to
provide a lightweighted package and less complex setting for grant root
If you want to try
doas, you can install it either with your distro’s
package manager or here.
Seen commonly in RHEL distro,
polkit is yet-another substitution of
sudo, it does not grant root permission to a whole
process, but allows a finer control of control of centralized
system policy .
polkit restricts actions – such as running
dd – and
users by group or by name. 
sudo is used for granting temporary root permission for a process.
However, due to its complex configuration and code size, we often get
the news about its vulnerabilities. As a result, there are a lot of
sudo substitution aims either simple configuration or less code size,
or even both. In this article, I introduce two of them:
Nevertheless, many of
sudo substitution, including
are not fully tested in harsh condition. So if you want to use these
alternatives in production, measure your risk!