135
submitted 10 months ago* (last edited 10 months ago) by Aatube@kbin.social to c/technology@lemmy.world

Shipped in Windows 11 Insider Preview Build 26052. https://www.tiraniddo.dev/2024/02/sudo-on-windows-quick-rundown.html claims it has a big security problem that makes the program accept calls to elevate from anywhere once first run

Edit:

  1. The security problem has been internally fixed and will be available in the next release
  2. It's not just an alias for 'runas'. It seems to be able to configurably block user input for sudo'd commands, retain the existing environment, ditch it and open a new window, and remember that you've sudo'd in the last minute or so.
  3. It brings up UAC instead of having you input the password
top 50 comments
sorted by: hot top controversial new old
[-] Tja@programming.dev 54 points 10 months ago

This incident will be reported.

[-] breakingcups@lemmy.world 35 points 10 months ago
[-] jwt@programming.dev 3 points 10 months ago

"Would you like to buy some sudocrem?"

[-] SnotFlickerman@lemmy.blahaj.zone 45 points 10 months ago
[-] jerrythegenius@lemmy.world 17 points 10 months ago
[-] tostiman@sh.itjust.works 12 points 10 months ago

remove for real, for real

[-] Aatube@kbin.social 2 points 10 months ago

Wouldn’t work on powershell in which the options parser works very differently

[-] Aatube@kbin.social 2 points 10 months ago

In powershell you’d have to do -fo because there’s —filter

[-] DarkNightoftheSoul@mander.xyz 42 points 10 months ago

sudo stop redirect capturing my back button

[-] _sideffect@lemmy.world 26 points 10 months ago

I fucking LOATHE their same page redirect every time I mistakenly click on a MS answers page

[-] herrcaptain@lemmy.ca 21 points 10 months ago

It's even worse because if you've found your way to MS answers you're clearly desperate because nothing came up on a real site. So you're already in a bad mood and then - BLAM - redirect!

[-] 800XL@lemmy.world 4 points 10 months ago

And then the answer is posted twice in a row from the the same expert and reads: "thank you for contacting Microsoft Answers. We are closing this thread as it's reached the maximum age of -21479632".

[-] Toes@ani.social 4 points 10 months ago

I hate how every recommended answer is some copy paste guide on how to reset the PC. If that is your go to fix for everything you're a garbage technician.

[-] AnonStoleMyPants@sopuli.xyz 5 points 10 months ago

Thankfully you can right click the "back" button and it'll give you a list of couple of last sites and you can just so it from there. It is still annoying though.

[-] Toes@ani.social 2 points 10 months ago

I've added ms answers to my ublock filter. The site is worthless.

[-] tabular@lemmy.world 26 points 10 months ago

Sudo already exists, is it okay to just name a different program by the same name?

Guess which one Bing search will try harder to return.

[-] Salzkrebs@lemmy.world 6 points 10 months ago

I hate searching for sway config stuff using DDG (which returns Bing results).

Chances are never zero that that there is an outdated MS product with the same name of what you're searching.

[-] squid_slime@lemmy.world 4 points 10 months ago

I feel this, I type swaywm instead now

[-] victorz@lemmy.world 2 points 10 months ago

Hold up. DDG returns Bing results? TIL. Is that true? How do we know? Do they state this, themselves?

[-] Aatube@kbin.social 8 points 10 months ago

https://duckduckgo.com/duckduckgo-help-pages/results/sources/

Most of our search result pages feature one or more Instant Answers. To deliver Instant Answers on specific topics, DuckDuckGo leverages many sources, including specialized sources like Sportradar and crowd-sourced sites like Wikipedia. We also maintain our own crawler (DuckDuckBot) and many indexes to support our results. Of course, we have more traditional links and images in our search results too, which we largely source from Bing. Our focus is synthesizing all these sources to create a superior search experience.

load more comments (1 replies)
[-] tja@sh.itjust.works 5 points 10 months ago

They are already doing it for other commands. Eg curl.

[-] Shdwdrgn@mander.xyz 24 points 10 months ago

Welcome to 1980, Microsoft (or 1993 if you're feeling really generous).

[-] ThatFembyWho@lemmy.blahaj.zone 17 points 10 months ago

Finally! The day I've been waiting for so long. Goodbye Linux, hello Windows!

- nobody ever

[-] brick@lemm.ee 8 points 10 months ago

In your mind, do you really think that is the intention here? Seems more like a convenience for people who use both Linux and Windows.

I have to use both so I welcome it.

[-] naticus@lemmy.world 4 points 10 months ago

Seriously. My home PC runs Linux primarily, but I sysadmin both Windows and Linux at work and this will be very convenient. Forgetting to run PowerShell as admin is always frustrating, especially when I have the commands and variables already established.

[-] phoenixz@lemmy.ca 16 points 10 months ago

Install Linux already, get it over with. Windows has been and still is a sad joke, why pay for that crap?

[-] PlutoniumAcid@lemmy.world 12 points 10 months ago

Sure, tell my corporate overlords to do that, on thousands of computers across the globe.

At home i can do what I want, at work I have to bow down.

[-] QuarterSwede@lemmy.world 9 points 10 months ago

Because business uses Windows services, which are, by far, the most common. And when collaborating and sharing files is essential this is a major deal breaker. I love *nix but it just wouldn’t work as well in the business world until there are wide spread services that replicate or do better than what Microsoft does with enterprise support and pricing in mind.

[-] aStonedSanta@lemm.ee 4 points 10 months ago
[-] moriquende@lemmy.world 3 points 10 months ago

You can get a legit Windows 11 key for like 5 bucks, no reason not to install it honestly. Even if only for dual booting, it can save you a lot of headaches.

load more comments (5 replies)
[-] purplemonkeymad@programming.dev 9 points 10 months ago* (last edited 10 months ago)

Ok, so yea just a "better" version of runas. I can see it being a bit easier when you just need to do the one thing as admin, but overall just opening an admin windows is still going to be the best way.

I really think the security issues makes it not worth enabling.

[-] w2tpmf@lemmy.world 3 points 10 months ago* (last edited 10 months ago)

Yep. It's basically an alias for:

runas /user:administrator

If you want to open a new command line window with admin privs you can always do:

runas /user: administrator CMD.exe

Which is of course on Linux this would kinda be like running:

sudo su
[-] Aatube@kbin.social 7 points 10 months ago

It's not just an alias. It seems to be able to configurably block user input for sudo'd commands, retain the existing environment, ditch it and open a new window, and remember that you've sudo'd in the last minute or so.

load more comments (1 replies)
[-] dbilitated@aussie.zone 3 points 10 months ago

oh thank goodness! I have been waiting so long for this

[-] phoenixz@lemmy.ca 7 points 10 months ago

Why wait? Linux has had sudo for over 25 years

[-] vaionko@sopuli.xyz 5 points 10 months ago

And sudo itself has existed for over 40 years

[-] dbilitated@aussie.zone 2 points 10 months ago

sometimes I work on windows. I miss sudo when I do 🤷‍♂️

[-] fuzzy_feeling@programming.dev 3 points 10 months ago

and i'm thinking about switching to doas.

load more comments (3 replies)
[-] nutsack@lemmy.world 3 points 10 months ago

looks like shit thanks

[-] kittenzrulz123@lemmy.world 2 points 10 months ago

Soooo revolutionary and unique like Phone Link

[-] ada@lemmy.blahaj.zone 2 points 10 months ago

Did they ask for permission first? :p

load more comments (1 replies)
[-] vext01@lemmy.sdf.org 2 points 10 months ago

Tell me it has a better configuration format than sudo.

(I've ditched sudo for OpenBSD 'doas' across the board ever since it made its way into debian's repos)

load more comments (3 replies)
load more comments
view more: next ›
this post was submitted on 11 Feb 2024
135 points (87.7% liked)

Technology

60073 readers
4898 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 2 years ago
MODERATORS