Windows UAC vs. Linux sudo
Is it correct to say that Windows UAC is conceptually the same as Linux sudo?
Can you point out the differences between the two?
UAC elevates the currently logged in user by giving it a system privilege needed to do something marked as needing administrator rights.
- If you are an administrator, you will be asked to confirm that you wish to grant the process administrative access
- If you are standard user, you will be prompted to enter credentials of an administrator account
The point of UAC is to ensure that the actual physical user with administrative privileges wants an action to happen, not an automated process. There are three ways in which a process can run elevated:
- the user can right-click the program and choose "Run as Administrator"
- the program is manifested for an integrity level of
requireAdministrator
- the program is manifested for an integrity level of
highestAvailable
and the user is an administrator
Sudo elevates the currently logged in user by changing the current user to root, or another user, and executes a command as that user. The list of commands and who can do what is defined in /etc/sudoers. Sudo does ask for a password, your password, but caches it for a time so you don't have to re-enter it. The point of sudo is allow a limited number of normal users to execute some commands that need to run as root, or other users.
Some things in Windows, such as installing devices, will ask for an administrator password if they do not have proper privileges to do something. This is somewhat like sudo, but unless you customize your rights assignments, users, and groups under Windows, any administrator can authorize the action.
Kind of. Normally, Linux's sudo
allows you to take on administrator privileges for a period of time. As does Windows's UAC. But, sudo
can also be used to do an action as another user, provided you have super user privledges.