Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Windows Microsoft

Will Microsoft Bring the Linux 'Sudo' Command to Windows Server? (bleepingcomputer.com) 100

An anonymous reader shared this report from BleepingComputer Microsoft released the first Windows Server 2025 Insider preview build last week. However, soon after, a newer version was leaked online. As first reported by Windows Latest, the leaked version contains some new in-development features, including new settings for a Windows 'sudo' command.

These settings are only available after enabling developer mode, and the sudo command does not currently work from the command line yet, showing it is early in development. However, the sudo settings provide some clues as to how the command will work, with the ability to run sudo applications 'In a new windows', 'With input disabled', and 'Inline'....

It is important to note that Microsoft commonly tests new features in preview builds that do not make it into the production builds.

Obligatory XKCD.
This discussion has been archived. No new comments can be posted.

Will Microsoft Bring the Linux 'Sudo' Command to Windows Server?

Comments Filter:
  • Nice (Score:5, Interesting)

    by olmsfam ( 1399493 ) on Sunday February 04, 2024 @08:39PM (#64214042)

    Can't tell you how many times i launched cmd prompt non administratively then had to close and re-open as admin. Now i can just waste exactly as much time typing sudo! But seriously it does seem helpful for scripting maybe.

    • Oh, I'm sure you'll still have to run the command prompt in administrator mode in order to use sudo.

      I hope they don't, it's not a great idea from a security perspective.

      • Windows alrealy had a 'su' context where a privileged program/user like 'everyone' could call processes in the context of a more privileged user like 'system' without the actual user's input. A sudo command in there somewhere would be interesting....

    • by caseih ( 160668 )

      I always just used the runas command in those situations.

      • but can you do "runas !!" to run the previous command in with administrator privileges?
        • Pretty sure you can if you use bash. The !! feature comes from bash. As long as runas is a regular executable found in the path, then it should work fine.

    • Re:Nice (Score:5, Informative)

      by Opportunist ( 166417 ) on Monday February 05, 2024 @02:25AM (#64214550)

      There's a distinct difference here.

      Opening a command prompt as admin means that the person doing so must be allowed to run every single program as administrator. Because that's the consequence of doing this. A privileged CMD (or PS) means that you can execute any command with the privileges of the admin account. That's probably not what you want, or what you need.

      In a work environment, I may want to grant a particular user the ability to launch a particular program with administrative (or other) permissions, but no other programs. And I frankly don't even know if the runas command can be configured to provide this level of granularity.

      • by dwywit ( 1109409 )

        Create a group with "execute" permissions applicable to one (or more) programs, then add or delete users from that group?

        It's not that difficult.

      • by Sigma 7 ( 266129 )

        And I frankly don't even know if the runas command can be configured to provide this level of granularity.

        Even if it did, it would have to be locked down to only allow specific applications.

        Running notepad is too lenient, because File -> Save As allows opening a command prompt by typing "CMD" in the folder selection box at the top. The same applies to anything else that uses the stock Save As dialog window.

        What's instead wanted is having custom software that makes admin-level changes based on input from

      • Which is why you'd actually use the fine-grained permission structure already built into Windows to do this, rather than trying to retrofit a 'sudo'-alike' 'those who fail to understand unix are doomed to reimplement it, badly'' type runas command.
    • then had to close and re-open as admin. Now i can just waste exactly as much time typing sudo!

      You either have lightning fast reflexes or are the world's slowest typer. Typing sudo is far faster than relaunching your entire terminal, to say nothing of the fact that often you'll find the context of the terminal has changed (e.g. you may need to renavigate to a directory).

      But that's all beside the point. Everything you do in a terminal is executed with the permissions of that session. It's not a good practice to run an administrative session as it can lead to dangerous consequences that are often prote

    • by tlhIngan ( 30335 )

      Can't tell you how many times i launched cmd prompt non administratively then had to close and re-open as admin. Now i can just waste exactly as much time typing sudo! But seriously it does seem helpful for scripting maybe.

      How is typing up-arrow, Home, sudo, and space slower than closing the current window and re-opening powershell as admin? The latter even involves a trip through UAC. And then you have to retype the entire command as it's not in the history.

      I would assume at a very basic level the sudo com

  • by DrWho42 ( 558107 ) on Sunday February 04, 2024 @08:51PM (#64214066) Homepage
    Those who don't understand UNIX are doomed to reinvent it... poorly.
  • C:\>sudo rm -rf *
    'sudo' is not recognized as an internal or external command, operable program or batch file.

  • by nocoiner ( 7891194 ) on Sunday February 04, 2024 @09:23PM (#64214116)

    Because Microsoft really needs to get sued again :)

  • by Waffle Iron ( 339739 ) on Sunday February 04, 2024 @09:24PM (#64214124)

    The article didn't explain the actual syntax of the shell command:

    C:\> System.Service.Get-Privileges(Get-Users.CurrentUser) | ExecuteProcessWithAlternatePrivileges --ExecuteTime="Now" --ExecutePriority="Standard" --AssumeUserIdentity="MyDomain\\Administrators\\DefaultAdministrator" --WithAccessControlList="Default" --CommandToRun="DEL MYFILE~1.TXT"

    • by Guspaz ( 556486 )

      Seems like the kind of thing that could easily be aliased in powershell with a function in the user profile named "sudo".

    • Um, you just made that up, didn't you? I'm 99% sure.

      • Well, Microsoft does make it hard to avoid Poe's law when you try to make fun of their design choices. No matter how outrageous you make it, it still looks plausible.

  • I'm only interested if I dont have to know the password of the user im sudoing as, like in Linux. Right now, runas still requires a different password and is useless. Anyone that says sudo is bad, has never worked in the real world.
  • by Kiddo 9000 ( 5893452 ) on Sunday February 04, 2024 @09:53PM (#64214192)
    Guess none of them have heard of gsudo yet (or they are just copying it)
  • ... or is it Sussudio [youtube.com]?

  • The terminology differs. Windows has the 'Administrator' user instead of the UNIX 'super user'.

    Why call it sudo then? Call it 'ado'.

  • by vbdasc ( 146051 ) on Monday February 05, 2024 @02:25AM (#64214548)

    the Linux 'Sudo' Command

    sudo isn't a Linux command. Some Linux distributions provide it, that's all. Plus, it was invented outside of Linux.

    For the curious, 'troff' is not a Linux command, either.

  • This should be fun. Windows users aren't exactly famous for being security conscious or... dare I say it... competent? Now, where's my popcorn?
  • Microsoft and Bill Gates copied a couple of Unix/Linux command features in each release going back to DOS in the 80s. I remember one of the first DOS releases big new feature was sub-directories. A few releases later the big new features was symbolic links. In the late eighties when MS couldn't get anyone to use their networking protocol, they made a big deal out of adding the TCP/IP stack to their operating system. Now they are adding the sudo command.

"The one charm of marriage is that it makes a life of deception a neccessity." - Oscar Wilde

Working...