Introducing Sudo for Windows!
devblogs.microsoft.com
Introducing Sudo for Windows We’re excited to announce the release of Sudo for Windows in Windows 11 Insider Preview Build 26052! Sudo for Windows is a new way for users to run elevated commands directly from an unelevated console session. It is an ergonomic and familiar solution for users who want to elevate a command without having to first open a new elevated console.

Shipped in Windows 11 Insider Preview Build 26052. https://www.tiraniddo.dev/2024/02/sudo-on-windows-quick-rundown.html claims it has a big security problem that makes the program accept calls to elevate from anywhere once first run

Edit:

  1. The security problem has been internally fixed and will be available in the next release
  2. It’s not just an alias for ‘runas’. It seems to be able to configurably block user input for sudo’d commands, retain the existing environment, ditch it and open a new window, and remember that you’ve sudo’d in the last minute or so.
  3. It brings up UAC instead of having you input the password
  •  Nath   ( @Nath@aussie.zone ) 
    225 months ago

    I was Googling like mad just this week on how to execute a cmdlet as Admin from within a script that isn’t running with elevated privileges. The results all basically came back with some variation of “just run the script as Admin”.

    This is the right way to do it. I’m glad it’s coming.

    •  4dpuzzle   ( @tesseract@beehaw.org ) English
      125 months ago

      The OpenBSD devs published a mail about it. The irony here is how Microsoft would behave if anybody else copied their concepts, including the name. The treatment is never symmetric or reciprocal.

      •  UNIX84   ( @UNIX84@beehaw.org ) 
        135 months ago

        I mean licensing comes in here. The FOSS licenses allow this. Microsoft EULA and copyright almost certainly does not. But yes, I get the sentiment.

        It’s almost as if all of the FAANG/Magnificent 7 market outperformance the past 15 years was built on the backs of the free labor provided by the FOSS movement. But then they will turn around and claim that non-western companies steal IP, etc and have US intervene to ban competition, or sue in courts. Kind of funny.

        Back to the tech discussion, I’ve been using doas for a few years now instead of sudo. Even on my GNU/Linux machines. It’s a lot simpler to setup for desktop workflow machines.

        •  jarfil   ( @jarfil@beehaw.org ) 
          75 months ago

          free labor provided by the FOSS movement

          Check out the contributors to Linux, how many of them work for free vs. how many work on behalf of companies.

          There is this pervasive myth that FOSS gets developed by lone wolves working in their spare time, when in reality most of the projects that get any traction, have a financing model behind them.

      •  Nath   ( @Nath@aussie.zone ) 
        35 months ago

        That’s where I started, of course - but you can’t combine -verb with -credential. It’s a silly limitation that seems to make sense to Microsoft. What you can do is configure a savecred which you can call with RunAs, but you then need to update that saved credential every time the password changes.

        I do have a $Credential object that has been pulled out of the password safe that has elevation permissions, but can’t seem to apply it non-interactively or without being in an elevated session. This appears to be by design. Not that I intended my comment to turn into a support question. 😀

      •  Nath   ( @Nath@aussie.zone ) 
        15 months ago

        I like it! I think I’ll tinker with this on my workstation, potentially even my dev environment. It isn’t suitable for my present issue though, as gsudo is not in the SOE. Also, from that little demo thingy, it appears to pop up a UAC prompt the first time it executes. I need to be non-interactive.