[HN Gopher] Sudo for Windows
___________________________________________________________________
Sudo for Windows
Author : zadjii
Score : 102 points
Date : 2024-02-08 18:16 UTC (4 hours ago)
(HTM) web link (devblogs.microsoft.com)
(TXT) w3m dump (devblogs.microsoft.com)
| zadjii wrote:
| Yep, it's really happening. Sudo is coming to Windows. It's
| obviously not just a fork of the linux sudo - there's enough
| that's different about the permissions structure between OS's
| that just a straight port wouldn't make sense. But the dream of
| being able to run commands as admin, in the same terminal window
| - that's the experience we're finally bringing to users.
|
| I've been working on this for the last few months now and I'm
| pretty excited to talk about it or answer any questions!
| SushiHippie wrote:
| Can you share if this will ever come to Windows 10, or will it
| be a Windows 11+ exclusive thing?
| starik36 wrote:
| Same here. Would love it on Windows 10 and Windows Server
| 2016+.
| blactuary wrote:
| My left leg for Windows Terminal on Server 2016
| vidanay wrote:
| I'm not even sure Win11 is on my company roadmap, much less
| anything cutting edge like an insiders release. Windows 10
| Enterprise compatibility is pretty much required for
| widespread adoption of Sudo for Windows.
| pixel16 wrote:
| Windows 10 is EOl next year. I would bet your company has
| plans to move to 11 at some point in the near future. I
| work with customers daily to help to move to 11
| FirmwareBurner wrote:
| _> I work with customers daily to help to move to 11_
|
| What issues are your customers having that they need
| profesional help to upgrade to a new Windows OS?
| zadjii wrote:
| Already working on it :) You can follow
| https://github.com/microsoft/sudo/issues/2 for updates.
|
| Honestly, the hardest part will be porting the Settings app
| changes to the Windows 10 styles. `sudo.exe` itself doesn't
| really depend on any OS platform changes, and if it did, we'd
| have a _very_ compelling case to bring those features with us
| downlevel.
| starik36 wrote:
| Where exactly is sudo.exe? It doesn't appear to be in the
| repo. I don't need the Settings portion. The exe itself
| would be immensely useful.
| ktpsns wrote:
| Nice to see the author here! I have to say: I really like whats
| going on in Windows world from a developer perspective in the
| recent years. I am a hardcore Linux fanboy for decades but I
| have to admit that PowerShell, WSL, vscode, Windows Terminal
| and the recent open source strategy sounds very appealing to
| me. This is something MS/Win does much better in recent days
| compared to, for instance, Apple/Mac OS.
|
| I would love to see a tighter integration of winget into
| Windows. I recently used a fresh MS Windows Server 2023
| installation and had a bad day to even get winget installed.
|
| I really hope that the current strategy does not turn out as
| somewhere between "embrace" and "extend"...
| zadjii wrote:
| Thanks! I think the team we're on has a very clear focus on
| making developers happy. Like, we're all ourselves,
| developers, so a lot of it is very self-serving. Anything we
| can do to make our own lives better is probably going to be a
| good thing for a lot of other developers too.
| yndoendo wrote:
| Windows change is welcoming, yet still not quality. As stated
| by someone below, sudo is https://www.sudo.ws/. Microsoft
| should give it a proper distinctive name lie wsudo or psudo.
| Little thinks like is compounds the issues with Windows /
| Microsoft.
|
| Even continually sticking to old design patterns causes
| issues in development and deployment. Big name companies do
| not trust applications running on hosted Windows because of
| their current business practices. Microsoft does not even
| have a means to provided ease of deployment for air-gap
| system. This is the only way some big business will let
| products hosted on Windows to be in their facilities.
|
| Windows as become more problematic for me because of all the
| layers of security that need to be applied for companies to
| trust Windows. This causes issues such as having to stop
| typing because Visual Studios or VSCode cannot process key
| strokes in real time.
|
| Localization translation text standard still does not allow
| for containing singular and plural in the same key.
| Translations should be easily to update so the client can
| improve wording on the fly. Microsoft still recommends using
| resx and compiling a DLL.
|
| .....
| 7thaccount wrote:
| Only problem is Powershell's commands are abysmally slow in
| comparison to chaining together Linux terminal commands that
| are written in C.
|
| Powershell is a super neat language though.... especially if
| the Microsoft team that manages it would work more with the
| team that does more for SMEs and not just DevOps.
| mappu wrote:
| Does the UAC prompt always say "Verified publisher: Microsoft"?
| Even without controlling stdin, malware at medium integrity
| could prompt to run a malicious command, and users will only
| see Microsoft's good name in the popup.
|
| Does this elevate within your own account token (i.e. will not
| work for non-Administrator users), or does it actually switch
| user (e.g. to LOCAL SYSTEM)?
| dist-epoch wrote:
| Putting Microsoft in the UAC prompt is indeed weird. It
| should be the info of the target binary. This feature sounds
| a bit rushed, and it's early preview, maybe they fix it by
| the final release.
| zadjii wrote:
| Yea, that's a limitation of UAC at this point, and probably
| not one we can avoid. The "Show details" dropdown on the
| dialog does however show the commandline you requested, so
| at least that's one way of making sure it's the thing you
| ran
| SushiHippie wrote:
| The best way would be, if it could say something like:
|
| Allow $PARENT_PROCESS_NAME to run $COMMAND with
| administrator rights.
|
| So if you would enter the following in cmd.exe:
| sudo notepad.exe ...
|
| It would say:
|
| Allow Command Processor Shell to run notepad.exe ... with
| administrator rights.
| vimsee wrote:
| > ..there's enough that's different about the permissions
| structure between OS's that just a straight port wouldn't make
| sense.
|
| Does this mean that the feature set of sudo for Windows can't
| be similar to the feature set found on sudo for *nix e.g. for
| BSD, MacOS, Linux..?
| Joker_vD wrote:
| Does sudo supports ACLs (which are the basis of Windows
| security model)?
| vimsee wrote:
| Sorry, I don't know.
| darksfall wrote:
| This is on the level of 'polishing a turd', especially
| considering that Windows has been for some time a smell that
| won't go away.
|
| However, with that said, in the end the closer Windows gets to
| Linux/*nix then the easier it is for people to move away.
|
| In that sense, I'll support your initiative.
| dijit wrote:
| that's rude and unfair.
|
| I really dislike windows but there's a decent amount of good
| stuff in there.
|
| it's just buried under the popups, ads, strange behavior and
| terrible business practices that are hostile to interop. This
| helps change that b
|
| IOCP is dope.
| neurostimulant wrote:
| I think they should've named it something else to avoid
| confusion, especially if it doesn't have the same behavior as
| unix sudo. If it has different arguments and features, imagine
| the confusion of unsuspecting users searching how to use sudo
| in the future.
| SushiHippie wrote:
| https://github.com/microsoft/sudo/issues/11
|
| Interesting
|
| > Reserved
|
| > not blank!
|
| > We like to camp nice round number issues like this one, for
| future use.
|
| Can you reuse GitHub issue numbers, or what could be their
| intention here?
| TheCleric wrote:
| You can edit the issue to be whatever you want later. But I've
| never seen anyone pre-reserve issue numbers like this.
| zadjii wrote:
| We've actually done that for a few years on the Terminal
| repo. It's great for things like megathreads / scenarios /
| epics. For example, I can tell you off the top of my head
| that microsoft/terminal#8888 is for "quake mode", and #4000
| is the extensions thread.
|
| We even used to have a bot that would auto-camp anything that
| was a multiple of 1000 or 1111 :D
| djbusby wrote:
| > nice round number issues
|
| But the number is 11? Is this Spinal Tap?
| madeofpalk wrote:
| We're about to hit issue/pr 100,000, and I really want to land
| a neat PR on that number :)
| JohnMakin wrote:
| If it were anyone but windows this sentence wouldn't alarm me
| like it does:
|
| > Sudo for Windows is a new way for users to run elevated
| commands directly from an unelevated console session
| belltaco wrote:
| Why is that?
| SCHiM wrote:
| In all honesty, I have the same reservations. If you look at
| the authz schemes between the different flavors of operating
| systems you see that the 'set-uid' concept is comparatively
| ancient, battle hardened and based on well understood
| mechanisms.
|
| This new functionality in Windows looks complicated. There's
| an architectural picture that involves:
|
| * Multiple processes
|
| * Windows RPC (On the basis of RPC? DCOM?)
|
| * Handle inheritance
|
| * Process integrity(?)
|
| * Token privileges(?)
|
| When UAC was introduced, there was a slew of bugs in the
| underlying RPC mechanism. I wonder if it will be the same.
| Can't wait to take a look at this in the debugger :)
|
| I also wonder if MSRC will consider this a "security
| boundary". Based on the fact that the text references process
| integrity(UAC), and that _is not_ a security boundary, I'm
| going to guess not. That means that this could potentially
| introduce bugs, but MSRC will not be handing out bounties to
| fix things. Which means that any bugs people find are less
| likely to be reported, and more likely to find their way into
| ransomware down the line.
| alyandon wrote:
| Is this going to be a fully proper implementation with a sudoers
| config such that something like sudo
| c:\some\path\to\normally_needs_elevation_to_function.exe
|
| will work for my user in my current desktop session without an
| elevation prompt?
| SteveNuts wrote:
| This will be a very controversial prediction, but mark my words:
| Windows will eventually use the Linux kernel.
| init2null wrote:
| Why not just keep the existing kernel running with a small
| team? Drivers and backwards compatibility are critical to many
| of Microsoft's enterprise customers.
|
| Now that isn't necessarily true for Windows running in the
| cloud. Drivers don't matter as much there.
| righthand wrote:
| I don't disagree. How I think it will happen: Backwards
| compatibility will start to stray at Microsoft (their last
| bastion), leading to WINE becoming the go to tool for backwards
| compat support. Microsoft will create a linux variant or maybe
| just a DE and the rest will be history (just as Libre Office
| has begun to supersede MS Office). It is a matter of will and
| time that C-Suite will want to eliminate labor around Windows
| to maximize profits as it becomes more and more hardened in
| it's feature set. Why maintain when you can utilize FOSS?
| a_vanderbilt wrote:
| In what business segment is Libre Office superseding MS
| Office? Furthermore, NT supports "personalities". Why bother
| with a full Linux kernel when they could adopt the
| personality a la SUA?
| Night_Thastus wrote:
| I strongly doubt they would ever do something that drastic. It
| offers few benefits and many roadblocks. It would be a
| monstrous amount of work, would throw into question many
| existing security-related certifications, break Microsoft's
| love of backwards-compatibility, etc.
| tmarsden wrote:
| I hope you're right! They sort of did the same thing already
| with Edge given it's just Chromium under the hood.
|
| Reminds me of a specific thought experiment with a boat.
| pjmlp wrote:
| Windows NT linage has supported UNIX since day one.
|
| While the original support wasn't great, SUA was quite usable,
| until they decided to discontinue it on Windows Vista.
|
| Nowadays we have WSL, which makes more sense, given how many
| folks buy Apple hardware and then complain UNIX isn't
| GNU/Linux.
| ronniefalcon wrote:
| what about "runas" :-) or this is considered psuedo-sudo?
| matthews2 wrote:
| This smells like when PowerShell aliased curl and wget to a
| completely different command, with incompatible arguments.
|
| https://github.com/PowerShell/PowerShell/pull/1901
| PreInternet01 wrote:
| Well, sudo for Windows has been a thing for, like, a few years
| now?... https://github.com/gerardog/gsudo
|
| Not sure if this is the same thing, but this definitely should
| have shipped with the very first implementation of "oh, sure,
| you're an Administrator, but not really, since we're ignoring
| that bit" a.k.a. User Account Control.
|
| That would have saved about a metric ton of misguided "here's how
| to turn off UAC" tutorials, but, ehm, yeah, anything to inject
| some life into the moribund Windows Insiders Program (the one
| where https://blogs.windows.com/windows-insider/ proudly
| headlines "What's coming for the Windows Insider Program in
| 2023"), right?
| zadjii wrote:
| gsudo is great! It's got a lot of features for power users,
| it's got a great community, and I can't recommend it highly
| enough. There's room here for us to be better together - Sudo
| for Windows can cover a number of in-box scenarios, with OS-
| side support for things like GPO, event logging, etc. But then
| for power users who need access to some of the wilder features
| of gsudo (running as TrustedInstaller?), that's always
| available too.
| PreInternet01 wrote:
| I would love it if I, as a lifelong Windows fanboy, could
| offer anything but a snarky reply to the author of a new OS
| feature. Yet, _good luck with that and don 't look at the
| headstones of those who came before you_ is all I can muster.
| pjmlp wrote:
| We already have runas for years now.
|
| This looks like one of those KPI fulfilling projects.
| justusthane wrote:
| That requires you to open an new terminal window. You've never
| been working in a standard terminal, tried to run a command
| that requires elevation, and been annoyed that you have to open
| a new window losing your command history?
|
| Or forgot to Run As and opened a non-elevated terminal by
| accident?
| dwattttt wrote:
| I believe the new window is to prevent SHATTER attacks
| (https://en.m.wikipedia.org/wiki/Shatter_attack), to ensure
| that a higher privileged process has a higher privileged
| Window. Is that not a concern anymore with this new sudo, or
| is there some other mitigation involved not?
|
| EDIT: from the linked wiki page, "By design, all services
| within the interactive desktop are peers, and can levy
| requests upon each other. As a result, all services in the
| interactive desktop effectively have privileges commensurate
| with the most highly privileged service there."
| pjmlp wrote:
| "In this configuration, Sudo for Windows will open a new
| elevated console window and run the command in that window.
| This is the default configuration option when sudo is
| enabled"
| zadjii wrote:
| > This looks like one of those KPI fulfilling projects
|
| It actually wasn't. This has been one of the top community
| requests for the Windows Command Line for years. Literally, for
| like, the entire 8 years I've been here, we've been talking
| about if there was a way to do Sudo for Windows.
|
| This was done because it makes developers happy, plain and
| simple. If that's a KPI, then that's the one we're optimizing
| for.
| pjmlp wrote:
| Surely by people trying to do UNIX on Windows.
| vips7L wrote:
| What is different about sudo vs runas?
| lIl-IIIl wrote:
| https://learn.microsoft.com/en-us/windows/sudo/#how-is-
| sudo-...
| lIl-IIIl wrote:
| The comment in the article links to this explanation:
|
| https://learn.microsoft.com/en-us/windows/sudo/#how-is-sudo-...
| oflebbe wrote:
| Next: systemd for windows?
| cogman10 wrote:
| Already there. Windows has had services for a long time managed
| pretty similarly to systemd/launchd.
| madspindel wrote:
| Well, compare how to start syncthing automatically on
| Windows: https://docs.syncthing.net/users/autostart.html
|
| On Debian I could just type:
|
| systemctl --user enable --now syncthing.service
|
| Native systemd on Windows would be awesome. Microsoft should
| hire the creator of systemd...
| Night_Thastus wrote:
| Interesting. I've been pretty happy with all the Unix-related
| updates they've put out lately. WSL has been a godsend and the
| new terminal and powershell have worked a treat. Glad they seem
| to be continuing with it.
| al_borland wrote:
| My theory is that Microsoft is working on eventually moving
| Windows over to the Linux kernel, and all these things they are
| doing are setting the stage and preparing for an easier
| transition.
| Night_Thastus wrote:
| As I said on the other post, I strongly doubt that. It offers
| few benefits and many roadblocks. It would be a monstrous
| amount of work, would throw into question many existing
| security-related certifications, break Microsoft's love of
| backwards-compatibility, etc.
|
| All MS is trying to do is make it easier for developers to
| develop _on_ Windows _for_ Windows, which it has ample
| incentive to do both internally and externally.
| 0cf8612b2e1e wrote:
| I have been continually disappointed that Microsoft has not
| released a seamless Windows virtualization system. WindowsX
| would run the new, redesigned APIs, but all of the legacy
| could run inside a sandboxed system to give the world the
| required decades to finally transition.
| mrj wrote:
| This! I won't buy a Windows OS to run stuff because
| rebooting is annoying and I end up rarely ever actually
| dual booting. But I'd pay good money for a Windows
| Classic library on Linux.
| doubled112 wrote:
| Windows Subsystem for Windows?
| __egb__ wrote:
| How about, "Winception"
| yrro wrote:
| Already exists, read up about "Windows on Windows" and
| "WOW64" :)
| calamari4065 wrote:
| I'm really amused that the least painful way to develop for
| Windows on Windows is to just use Linux.
| HackerLemon wrote:
| What's the difference from opening a Terminal (Admin) window?
| Just that you can run a single command as admin? I must be
| missing something here
| Isthatablackgsd wrote:
| Opening a terminal in admin window which means any commands you
| put in that windows will always have admin privilege, no matter
| what.
|
| What does Sudo is to only provide the root/admin privileges for
| specific inputted command. Once it is done, it goes back to
| user privileges. This way, the terminal window didn't need to
| end the session to go back to user privileges.
| gwervc wrote:
| That's a very slim proposition value, especially when
| multiple commands in a row require admin privileges.
| MattPalmer1086 wrote:
| Sudo also allows you to control _which_ commands can be
| elevated to admin.
|
| It also lets you elevate to admin without knowing the admin
| password, you elevate with your normal account password.
| Effectively, some commands can execute as admin, but the
| user generally cannot.
|
| So you can allow limited administration without giving
| everything away.
| ikekkdcjkfke wrote:
| Why is admin privilidge even a thing? Ask for the god damn
| specific resource you want access to and I'll answer yes or
| no!
| dwattttt wrote:
| "Admin"'s identity is the resource you're asking
| permissions to use. If don't want identities, are you going
| to manually authorize every file that needs to be
| interacted with? For a recursive delete of thousands of
| files?
| remus wrote:
| > Just that you can run a single command as admin?
|
| I mean, that's sudo's whole thing! [1] You can live your day to
| day terminal life without the risk of borking things too badly,
| then when you occasionally need to elevate to higher privileges
| you can do it easily for that specific command.
|
| [1] Technically not the whole thing obviously, but it's a very
| common use case.
| dist-epoch wrote:
| It's faster and it keeps your current directory, opening a new
| Terminal starts in the default directory.
|
| It's a convenience thing.
| scrlkrunner wrote:
| This adds a factor of enshittification for NT, NT doesn't need 88
| line PowerShell scripts, this "sudo for Windows" thing makes
| Windows seem like a teenager's high school project. Windows NT
| already has runas, let NT be NT and let POSIX have sudo/doas.
| Previously Microsoft hired the best of the best operating systems
| engineers in the USA who were from Digital and they proved to be
| people capable of making an operating system able to scale from
| MIPS to PowerPC/DEC Alpha/IA-32/amd64/Itanium with any
| combination of hardware and peripherics, now they're allowing
| random people to push 88 line scripts and calling it a day. Very
| few people in this world deserve the privilege of touching any
| Windows NT code and even more few people deserve the possibility
| of pushing things to the build lab of Windows NT 10/11 builds
| zadjii wrote:
| Thanks? But sudo * isn't a 88 line PowerShell script, it's a
| 1800 LOC Rust binary * isn't a NT kernel feature, it's a
| usermode executable * was made by (in my opinion) a perfectly
| decent engineer. That may be thinking too highly of myself
| though.
| scrlkrunner wrote:
| I see you are one of the heads of sudo for Windows, now based
| on your comment I see sudo for Windows with non-so unhopeful
| eyes. The comment about 88 lines PS code is about sudo.ps1 on
| the repo, thanks for clarifying. I'd like if more
| consideration is taken over sudo for Windows, as the MSDN
| docs relate: sudo at the moment has a clear distinction with
| runas and you must be the one who chooses what's best, I can
| infere the intention is not replacing runas, but then there's
| two ways to the same goal and each one with its differences.
| It's a similar situation than it was with WMIC and WMI for
| PS, being this case as a longer-standing approach, WMIC is
| deprecated but you can still use it if you want, however WMI
| for PS has the same functionality as WMIC and still offering
| benefits over WMIC, ultimately WMIC will be removed from
| future Windows releases. I'd be less confusing if this route
| is planned for runas and sudo
| Conscat wrote:
| They decided kernel-mode graphics isn't a terrible idea,
| though.
| jhickok wrote:
| If it's just an alias for "runas" that presents a UAC prompt
| window I will be disappointed.
| tester756 wrote:
| Initially I thought ur concern is crazy as hell, because who
| would implement it in such a painful way?
|
| But then I read
|
| >When elevating a process from the command-line with sudo, a
| UAC dialog will appear asking the user to confirm the
| elevation:
|
| LOL
|
| But it seems like there are other ways to use it without this
| dialog
|
| >In this configuration, sudo.exe will launch a new elevated
| console window and run the command in that window. The new
| window will be launched with the same working directory as the
| current window. The new window will also be launched with the
| same environment variables as the current window. This
| configuration has a similar flow to the runas command.
| RajT88 wrote:
| There's no way that second use case doesn't show a UAC
| prompt.
|
| The whole point of the split token / UAC elevation is to
| avoid elevation without user interaction. Imagine malware
| stuck as standard user just running itself like:
|
| cmd.exe /c sudo malware.exe
| calamari4065 wrote:
| Having the sudo command open an entirely separate terminal as
| an admin user is absolutely ridiculous and completely on
| brand for Microsoft.
|
| Along with the UAC dialog, I can't think of a worse way for
| sudo to behave.
|
| What's wrong with entering your password for sudo? How is UAC
| more secure than a password?
| hughesjj wrote:
| UAC is less secure than a password right?
| aksss wrote:
| If you're running as local admin you just get the dialog,
| but you're not using a local admin as your daily driver
| user acct, right? ..Right? :)
|
| If you're logged in as a standard user, UAC prompts you for
| new username and password to authenticate and authorize the
| privileged operation.
| tetris11 wrote:
| Isn't that what askpass does in every modern Linux desktop UI?
| spogbiper wrote:
| sudo cmd.exe
|
| the new "sudo bash"
| BiteCode_dev wrote:
| Good news.
|
| But I'm also bracing for millions of windows users that will now
| be able to sudo pip install.
| tonymet wrote:
| sudo on windows has a different risk profile given the malware
| ecosystem and lack of educated/ trained users.
|
| 95% of linux users are developers who understand risk -- though
| are prone to mistakes
|
| 99% of windows users are casual consumers .
|
| Let's keep this functionality narrowly accessible : restricted to
| developer mode and very formal consent. I suggest disabling it if
| it's unused for a few days
|
| this will only rejuvenate the malware market.
| slaymaker1907 wrote:
| There's still the UAC prompt which should help mitigate risk,
| plus it's locked behind developer settings.
| tonymet wrote:
| that's good news
| lostruinsofraku wrote:
| Can you draw the part of the diagram in the blog post based off
| of these sentences?
| https://devblogs.microsoft.com/commandline/introducing-sudo-...
|
| In these configurations, sudo.exe will launch a new elevated
| process, an elevated sudo.exe process, and the original
| unelevated sudo.exe will establish an RPC connection with the new
| elevated process. In other words, information is passed from the
| unelevated sudo instance to the elevated one.
| zadjii wrote:
| Yep, that's basically the entire diagram. The information
| that's passed is basically just the commandline, env vars, and
| a handle to the console of the unelevated sudo's console. Once
| it's got a handle to the console, the elevated sudo can spawn
| the target app attached to the original console, rather than a
| new one. Simple as that!
| charcircuit wrote:
| While this looks more secure than the original, I don't think
| modern operating systems should be investing resources into
| making privilege escalation easier for users to do. Considering
| UAC already exists it's not like the additon of sudo is much
| worse to include so overall it may be better, but I feel
| investing resources to get rid of the need of users needing to
| elevate things would be time better spent.
| RadixDLT wrote:
| hmmm, so I no longer need to right click on cmd and run as
| administrator?
| johnea wrote:
| If everyone thinks this is so great (just judging by the number
| of times it's appeared in the HN top 30), why don't they just run
| linux, instead of some sh!t immitation?
|
| Everyone knows, if you can C colon, your running a M$ product...
| fortran77 wrote:
| Linux is just some [explitive deleted] imitation of Unix, where
| the sudo command originated.
|
| I run Windows as my primary development environment because
| it's better. Linux and other OSes run in VMs.
| washadjeffmad wrote:
| I don't think you should be downvoted for answering parent's
| question. It's helpful for understanding a mindset that not
| everyone possesses.
|
| Which version of Windows do you currently run, and what do
| you feel Windows has or does that makes it superior for your
| development work?
| niux wrote:
| There's already a tool out there that works just fine:
| https://github.com/gerardog/gsudo
| dundarious wrote:
| I already use https://github.com/lukesampson/psutils which has a
| sudo.ps1, which I install via scoop (I know that's a mouthful,
| but I just install scoop and run `scoop install sudo`). I used it
| from powershell literally just before I opened this article
| (after copy-pasting a password, I copy some random text laying
| around in the browser, like "com", then run `sudo restart-service
| -name 'cbdhsvc*'` to clear the clipboard history -- does not
| clear the current value). There is a UAC prompt, but it's
| perfectly adequate for interactive work.
| yrro wrote:
| This is good, but runas already exists. Its interface is shit.
| Improve it to make it not shit please. Don't hijack the name of
| an existing command unless you're going to re-implement its
| interface 100% compatibly.
|
| This is like when PowerShell hijacked curl all over again...
| PeterStuer wrote:
| Can someone detail the differences between this and runas plz?
| mikestew wrote:
| _runas_ doesn't pass current directory, or environment (at
| least the last time I used _runas_ on Windows 10). I vaguely
| recall that _runas_ has a kinda low limit on command line
| length, too ( I'm possibly misremembering that one).
| 1970-01-01 wrote:
| Can't wait for new malware to sudo-up the calculator &&
| bitsadmin.
___________________________________________________________________
(page generated 2024-02-08 23:00 UTC)