Theo Buehler wrote: > I'm probably missing something, but from reading your implementation of > checktimeout() it seems that you can easily cumvent the password prompt > using something like this (assuming the timeout is enabled for the > user):
And this is why this feature is not included in doas. It is hard to get right and trivial to get wrong.
