this post was submitted on 11 Nov 2024
-34 points (22.6% liked)

Linuxsucks

172 readers
140 users here now

Shit on Desktop Linux and its evangelists here

No evangelizing for Linux

founded 1 month ago
MODERATORS
madthumbs@lemmy.world
-34
sudo makes no sense (feddit.org)
submitted 5 days ago by superkret@feddit.org to c/linuxsucks@lemmy.world
30 comments fedilink hide all child comments
 
you are viewing a single comment's thread
view the rest of the comments
[–] superkret@feddit.org 1 points 4 days ago* (last edited 4 days ago) (11 children)

Because sudo elevates the targeted process to run with administrator-level permission, a prompt will open asking you to verify that you want to continue.

So, Microsoft is explicitely not doing the thing I have issues with in Linux's default sudo implementation.
It asks you for confirmation. It does not ask you for your password.
Because when you're logged in, the system already knows you know that password and doesn't need to ask for it again.

[–] Mjpasta710@midwest.social 1 points 4 days ago (10 children)

As it's been pointed out in this thread, you can reduce the security of your system by modifying the configuration file and adding the string that makes it perform similarly.

The windows implementation also is able to be used in the exact same configuration as sudo's more secure default configuration, on most distributions.

Windows doesn't pick the most secure configuration for a lot of things out of the box.

They're working on improving the security and balancing against making it useful for those who refuse to learn new practices.

I didn't see it mentioned, but several Linux distributions are configured exactly as you prefer. They aren't typically meant as enterprise implementations when configured like that.

You seem to be ranting that it's not set to your preferred less secure preferences or that you won't add a string to a configuration file to reduce the security.

It's your system set it how you like or adapt.

[–] vox@sopuli.xyz 1 points 3 days ago* (last edited 3 days ago) (1 children)

Windows is technically almost as secure though , since the confirmation prompt is displayed on a virtual desktop that even already elevated processes need extra privileges to access... still wont protect against someone else doing stuff on your computer tho

[–] Mjpasta710@midwest.social 1 points 3 days ago

There are methods to use libraries to click that or completely silence it. If a user can escalate so can code that is run in their user space.

One example they claim to be a non issue, in link below. I searched "rce bypass windows uac"... I found lot of discussion on it, even some git repos.

https://www.darkreading.com/vulnerabilities-threats/exploit-chain-windows-uac-bypass

load more comments (8 replies)
load more comments (8 replies)