Clarify what is happening and who is requesting permissions in the UAC prompt.
e3ndr opened this issue · comments
No clue how achievable this would be, but if this could somehow show “Requested by Terminal” and maybe a “More Info” button that shows the full command line that’d be great.
I could see this being used as an attack vector against unskilled users who see the prompt and think “yeah, i trust Microsoft with admin permission." and click Yes blindly.
Original prompt (as seen in the documentation):
My suggested revision/alteration:
(obviously my version sucks visually. make it prettier ;) )
If you are changing the UAC popup... There is so much more:
- That Microsoft has signed the
sudo.exe
is now irrelevant. - Show the signature of the process to elevate instead.
- Show the full command line to elevate (I don't want to click 'Show more details' every time), so we know which sub-command is being elevated.
- Let me check which process is asking for elevation.
IMO: Enabling Sudo is kind of a new step in the UAC control settings. Integrating Sudo and UAC is the obvious next step.
Potential workaround until UAC is improved: use separate exe for rpc server and sign it with publisher name set to "Unknown".
I really want to work with the UAC folks in the coming months with this. I think this is a great idea.
This is tracked internally with MSFT:49342133