nonadmin

Sudo For Windows

Sudo for Windows (sudowin) allows authorized users to launch processes with elevated privileges using their own passphrase. Unlike the runas command, Sudo for Windows preserves the user's profile and ownership of created objects.

Sudowin is written in C# 2.0.  It is easily the most advanced, secure, extensible, and easy-to-use implementation of sudo for Windows.  It is not only ready for the desktop, but it can be deployed in enterprise environments with Active Directory Group Policy.

Sudowin is designed with a plugin architecture so that anyone can create their own authentication and authorization plugins.  It is not susceptible to man-in-the-middle attacks like other implementations of sudo for Windows.  Sudowin can escalate a user's privileges to any level as well, not just those of an administrator.

Sudowin is released for free under the New BSD license and is available at http://sudowin.sourceforge.net 

Comments

From John Sinclair - 12/13/07 3:06 PM

This app works great for me on vista, but only after I disabled UAC.

I can safely run as non-admin, and easily elevate an app to admin without the hassle of a different profile, and without the overheads and issues of using UAC. 

From kwwall - 12/17/07 10:31 AM

I've used sudo for *nix systems for at least 10 years, and for the most part, am very happy with it. Sudowin looks like it will be very useful as well, but I have concerns that it requires disabling UAC on Vista. Just wondered what other Microsoft developers and consultants who contribute to this Wiki think about that. Is there no way to write sudowin so that it works on Vista with UAC enabled? If not, what are the issues I need to be aware of when making the tradeoff of sudowin vs. keeping UAC enabled and using runas, etc.? I'm afraid that I don't know the details to make an informed judgement.

Thanks,

-kevin

From AaronMargosis - 12/18/07 2:50 AM

Disabling UAC has other undesirable side effects -- you're better off sticking with the Vista defaults (UAC on, consent prompt for admins, etc.).  Side effects include disabling file/registry virtualization (a great app-compat technology that helps many apps run correctly without elevated permissions), and disabling Internet Explorer's Protected Mode feature, which runs IE in a low-rights "sandbox" that greatly diminishes its ability to adversely affect the system if compromised.

Sudo and similar elevation techniques were deliberately not included in Vista.  Read this for a fuller explanation:
FAQ: Why can't I bypass the UAC prompt?


From akutz - 12/18/07 4:54 AM

My thoughts on the UAC are that it is a good idea, but poorly implemented. The file/registry virtualization is terrific. As a terminal services administrator it is a great boon, but there is no reason that it needs to be tied to the UAC. So, they should unbundle it and make it so that we *can* disable the UAC and use third-party techniques such as sudowin. Of course I may be a bit biased.  :)

From Kiliman - 1/7/08 6:29 AM

UPDATE: Sudowin v0.4.1 has been released on SourceForge and now works with Vista UAC.

I have modified Sudowin to work with Vista UAC.

Basically, you need to run the Callback app twice. The first time is with the new token that includes the Administrators group. The callback then executes again (this will be as an admin, but UAC will not have elevated this token). The second time then executes the application you sudo'd but uses UseShellExecute=true and Verb="runas" to force the UAC prompt.

So now you have the best of both worlds. You can now run as a limited user ALL the time. Then when you need to elevate to Admin, you can Sudo and UAC will still prompt as usual.

So why is this different than simple UAC where the normal Admin token is the same as limited user?

Well, by updating the sudowin config file, you can limit which apps can be elevated. This is great for home use where I would never give admin rights to my kids, but some applications (namely games) won't run unless you're an admin. By adding the game to the config file, my kids can play these games without me having to enter an admin password. The same advantages apply to business apps.
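The second-pass relaunch Kiliman describes, as an added illustration that is not Sudowin's own code: check whether the current token is already elevated and, if not, start the target through ShellExecute with UseShellExecute=true and Verb="runas" so UAC prompts as usual, treating a dismissed prompt (ERROR_CANCELLED) as a normal outcome rather than a crash. The class and method names are assumptions for this example; the target path and arguments come from the caller.

```csharp
using System;
using System.ComponentModel;
using System.Diagnostics;
using System.Security.Principal;

static class ElevatedLaunch   // assumed name, example only
{
    // True when the current process token already has Administrators enabled
    // (i.e. this is the elevated token, not the filtered one UAC gives admins).
    static bool IsElevated()
    {
        WindowsIdentity id = WindowsIdentity.GetCurrent();
        return new WindowsPrincipal(id).IsInRole(WindowsBuiltInRole.Administrator);
    }

    // Launch 'path' via the "runas" shell verb so UAC shows its consent or
    // credential dialog. Returns the child's exit code, or null if the user
    // declined the prompt. Requires UseShellExecute=true: "runas" is a shell
    // verb handled by ShellExecute, not an option of CreateProcess.
    static int? RunElevated(string path, string args)
    {
        ProcessStartInfo psi = new ProcessStartInfo(path, args);
        psi.UseShellExecute = true;
        psi.Verb = "runas";
        try
        {
            using (Process p = Process.Start(psi))
            {
                p.WaitForExit();
                return p.ExitCode;
            }
        }
        catch (Win32Exception ex)
        {
            const int ERROR_CANCELLED = 1223;   // user clicked Cancel/No on the UAC dialog
            if (ex.NativeErrorCode == ERROR_CANCELLED) return null;
            throw;                              // anything else is a real failure
        }
    }

    static int Main(string[] args)
    {
        if (args.Length == 0) { Console.Error.WriteLine("usage: ElevatedLaunch <exe> [args]"); return 2; }
        string rest = args.Length > 1 ? string.Join(" ", args, 1, args.Length - 1) : "";
        if (IsElevated()) { Process p = Process.Start(args[0], rest); p.WaitForExit(); return p.ExitCode; }
        int? code = RunElevated(args[0], rest);
        if (code == null) { Console.Error.WriteLine("elevation declined by the user"); return 1; }
        return code.Value;
    }
}
```

Which programs may reach this step at all is decided earlier by the sudowin configuration file, which is what keeps the allow-list behaviour described above independent of the UAC prompt itself.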


Last Modified 6/23/06 9:23 PM