BT

Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ
News Articles Presentations Podcasts Guides

Topics

Choose your language

InfoQ Dev Summit Boston

Discover transformative insights to level up your software development decisions. Use code LIMITEDOFFERIDSBOSTON24 for an exclusive offer.
InfoQ Dev Summit Munich

Get practical advice from senior developers to navigate your current dev challenges. Use code LIMITEDOFFERIDSMUNICH24 for an exclusive offer.
QCon San Francisco

Level up your software skills by uncovering the emerging trends you should focus on. Register now.
The Software Architects' Newsletter

Your monthly guide to all the topics, technologies and techniques that every professional needs to know about. Subscribe for free.

InfoQ Homepage News Sudo for Windows - Elevating Command Execution in Windows 11

Development

Sudo for Windows - Elevating Command Execution in Windows 11

This item in japanese

Bookmarks

Feb 22, 2024 1 min read

InfoQ Article Contest

Share your knowledge Win a ticket to a QCon event
or an InfoQ Dev SummitFind out more

Microsoft announced that Sudo for Windows will be available in the latest Windows 11 Insider Preview Build 26052. This tool transforms how users execute elevated commands directly from an unelevated console session. Sudo for Windows provides an intuitive and familiar solution, eliminating the need to open a new elevated console and enhancing the user experience.

Sudo for Windows is open-source on GitHub and the plans and additional features will be shared in the coming months. For users seeking extended functionality not already implemented in Sudo for Windows Microsoft suggests Gerardo Grignoli's gsudo as a compelling alternative. This tool offers numerous additional features and configuration options.

To activate Sudo for Windows, head to the Settings > For Developers page in Windows Settings, and toggle the "Enable Sudo" option.

 

"For developers" configuration panel with Enable sudo toggle

Alternatively, users can enable it through an elevated console session using the command:

sudo config --enable <configuration_option>

Sudo for Windows supports three configuration options, each serving a distinct purpose:

  1. In a New Window (forceNewWindow): Opens a new elevated console window to run the command.
  2. Input Closed (disableInput): Runs the elevated process in the current window with stdin closed, limiting user input.
  3. Inline (normal): Behaves similarly to sudo on other operating systems, connecting stdin, stdout, and stderr to the current window.

Example scenarios are the following:

  • In a New Window Configuration: Running sudo netstat -ab opens a new elevated console window, executing the command within it.
  • Input Closed Configuration: Running the elevated process in the current window with stdin closed.
  • Inline Configuration: Connects stdin, stdout, and stderr to the current window.

When elevating a process with `sudo`, a User Account Control (UAC) dialog prompts user confirmation. Once confirmed, the process is elevated based on the selected configuration. Users can explore optional parameters for the `sudo` command by running `sudo -h` in the console.

In the "In a New Window" configuration, sudo.exe launches a new elevated console window, mirroring the current window's directory and environment variables. For "Input Closed" and "Inline" configurations, sudo.exe initiates a new elevated process. The original unelevated `sudo.exe` establishes an RPC connection with the elevated process, facilitating information exchange.

 

Diagram of how the process hierarchy looks

Due to potential security risks, caution is advised when using "Inline" or "Input Closed" configurations. The "Input Closed" configuration mitigates risks by preventing the elevated process from reading user input.

About the Author

Claudio Masolo

Show moreShow less

Rate this Article

Adoption
Style

This content is in the Operating Systems topic

Related Topics:
BT