SECURITY CONSIDERATIONS
=======================

1. commands must be given by absolute path: otherwise the command is looked up
   through the caller's PATH, and a nopass command can be hijacked by anyone
   who controls a directory that appears earlier in PATH:

   in the config:
       nopass badguy as root cmd zzz

   in the shell:
       ~ $ export PATH=/home/badguy/test:$PATH
       ~ $ mkdir test
       ~ $ printf '#!/bin/sh\nrm -rf --no-preserve-root' > test/zzz
       ~ $ chmod +x test/zzz
       ~ $ us zzz   # this deletes the filesystem without a password!

IDEA 1
======

# this is a comment
# rules are grouped by user/group
# rules are structured somewhat like json, example:
# only 'command' is allowed to run without a password, all the rest is blocked
ale {
    allow {
        command nopass
    }
    deny {
        /.*/
    }
}

IDEA 2 - THE DOAS WAY
=====================

# this is a comment
# every line is a rule
# rules are structured like this:
permit|deny [options] identity [as target] [cmd command [args ...]]
# look at doas.conf(5) for more information

IDEA 2-3
========

# reverse-doas way
-> identity permit|deny [command [args ...]] [options]
# but how would I distinguish between command and options?
-> identity [options] permit|deny [command [args ...]]
# spaces are not a very good separator when it comes to commands
-> identity,[options],permit|deny,[command [args ...]]
#
# this is kinda similar to a crontab, basically options are required
#
# config structure:
-> identity options as action [command [args ...]]
   ^        ^       ^  ^
   |        |       |  permit, deny
   |        |       can be *
   |        can be nil (NULL)
   can be *
# permit user "ale" to execute command "shutdown" as root without password:
-> ale nopass root permit shutdown
# permit members of the wheel group to execute any command as any user:
-> :wheel nil * permit
# deny users of the wheel group to execute commands that begin with "sys":
# this could be circumvented by having the command inside a shell script
-> :wheel nil * deny /sys.*/
# deny all users to execute all commands as any other user
-> * nil * deny
#
# let's scramble things up to make more sense
#
[action] options identity as [command [args ...]]
^        ^       ^        ^
|        |       can both be * (any)
|        can be none, or comma separated
none: permit
'!':  deny (negate rule)
# allow users of the wheel group to execute any command as root:
-> none :wheel root
# deny all users to execute commands that start with "sys"
-> ! none * * /sys.*/

IDEA 3 - THE SUCKLESS WAY
=========================

configuration should happen inside a source file called config.h;
to apply changes to the configuration the program has to be recompiled
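A parser and checker for the "scrambled" IDEA 2-3 layout above that also enforces security consideration 1 (commands must be absolute). This is an added example, not code from the `us` project; it assumes `nopass` is the only option that matters, that a `/.../` pattern is matched against the full command path, and that a matching deny beats any permit.

```python
import re
from collections import namedtuple

# Constructed sample in the "scrambled" IDEA 2-3 layout:
#   [!] options identity target [command]    ('!' = deny, 'none' = no options)
SAMPLE_CONFIG = """\
nopass ale root /sbin/shutdown   # ale: shutdown as root, no password asked
none :wheel root                 # wheel members: anything as root, with password
! none * * /.*/sys[^/]*/         # nobody: commands whose basename starts with sys
"""

# command is None (any), "/re/" (regex on the full path) or an absolute path
Rule = namedtuple("Rule", "deny options identity target command")

def parse_config(text):
    rules = []
    for lineno, line in enumerate(text.splitlines(), 1):
        tok = line.split("#", 1)[0].split()   # strip comments, split on spaces
        if not tok:
            continue
        deny, tok = (True, tok[1:]) if tok[0] == "!" else (False, tok)
        if len(tok) not in (3, 4):
            raise ValueError(f"line {lineno}: expected options identity target [command]")
        options = set() if tok[0] == "none" else set(tok[0].split(","))
        command = tok[3] if len(tok) == 4 else None
        # security consideration 1: a command (literal or regex) must start at /
        if command and not command.startswith("/"):
            raise ValueError(f"line {lineno}: {command!r} is not an absolute path")
        rules.append(Rule(deny, options, tok[1], tok[2], command))
    return rules

def _matches(r, user, groups, target, cmd):
    ident_ok = r.identity in ("*", user) or (
        r.identity.startswith(":") and r.identity[1:] in groups)
    if not (ident_ok and r.target in ("*", target)):
        return False
    if r.command is None:
        return True
    if len(r.command) > 1 and r.command.endswith("/"):   # /regex/ form
        return re.fullmatch(r.command[1:-1], cmd) is not None
    return r.command == cmd

def check(rules, user, groups, target, cmd):
    """Return (permitted, nopass). cmd must already be absolute: no PATH lookup
    happens here. Assumption: a matching deny wins; no matching rule fails closed."""
    if not cmd.startswith("/"):
        return (False, False)
    hits = [r for r in rules if _matches(r, user, groups, target, cmd)]
    if not hits or any(r.deny for r in hits):
        return (False, False)
    return (True, "nopass" in hits[0].options)
```

Because `check` never consults PATH, the `test/zzz` hijack from consideration 1 has no effect: a request for a bare `zzz` is refused outright and only the configured absolute path can match.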