- cross-posted to:
- programming@programming.dev
- cross-posted to:
- programming@programming.dev
Shipped in Windows 11 Insider Preview Build 26052. https://www.tiraniddo.dev/2024/02/sudo-on-windows-quick-rundown.html claims it has a big security problem that makes the program accept calls to elevate from anywhere once first run
Edit:
- The security problem has been internally fixed and will be available in the next release
- It’s not just an alias for ‘runas’. It seems to be able to configurably block user input for sudo’d commands, retain the existing environment, ditch it and open a new window, and remember that you’ve sudo’d in the last minute or so.
- It brings up UAC instead of having you input the password
start-process -verb runas
https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.management/start-process
Not the same as sudo, but mostly equivalent for single cmdlets or scripts.
That’s where I started, of course - but you can’t combine
-verb
with-credential
. It’s a silly limitation that seems to make sense to Microsoft. What you can do is configure asavecred
which you can call with RunAs, but you then need to update that saved credential every time the password changes.I do have a
$Credential
object that has been pulled out of the password safe that has elevation permissions, but can’t seem to apply it non-interactively or without being in an elevated session. This appears to be by design. Not that I intended my comment to turn into a support question. 😀