So opening a Elevated command prompt was as simple as writing

sudo cmd

Actually the code for this is very simple as it just executes a well documented system function ShellExecute.

I have made some changes to the script and now it remembers the credentials. So once you execute any command, Vista will ask you confirmation only once and any subsequent call won’t ask for the confirmation with the UAC dialog box.

The concept behind this is very simple too:

A process launched from any elevated process will be (by default) automatically elevated at administrative assess. So what this script (client) does is launch a elevated Ruby server first time you run it, so it will Vista will prompt you for confirmation. For any subsequent call it will just see that the server is already running and it will just use that server for elevating launched processes.

How it works:

When you write “sudo cmd” in the command prompt (or run it any where else):

• Check if the “sudo server” process is running. If not then start it. (This will result in a UAC prompt).
• Connect to the server using TCP and ask it to run the command “sudo cmd”.
• The server will launch the elevated process.

The code for Client and the Server is in Ruby and thus can easily be improved upon. One can easily add code to kill the server after a specific time interval or after running a fixed number of commands. Actually I am not sure if this is the correct way to handle this, so any comments will be welcome.

 Download Here

Just un-rar this file anywhere and add it to system path. To run it just write sudo <command name> in “command prompt” of in the “Run dialog box”. Example to run notepad: “sudo notepad”

This code was written with ruby 1.8.6.

   1: require 'Win32API'

   2:  

   3: def shell_execute(process_name)

   4:     process = ''

   5:     process.replace(process_name)

   6:     se = Win32API.new("shell32", "ShellExecute", ['P','P','P','P','P','I'], 'I')

   7:     se.Call(nil,"runas",process,nil,nil,5)

   8: end

   9:  

  10: shell_execute(ARGV[0])

In Vista you can do the same by right clicking on the file and selecting “Run as Administrator” but this script allows you to run a process in admin mode using the command line.

The ShellExecute function resides in the shell32.dll and is documented here.

By just giving “runas” as the second parameter to the function the process is executed in the administrative mode.

So this allows a normal user to have elevated privileges whenever required.

Also I always give the default user read only permission and the administrator full permission to the folder that contains my important data. This way I can be sure that if any virus manages to break into my system, it is not able to corrupt my important data.

So by running in the non-admin mode I cannot move files inside the folder that contains my important data or install any software without being prompted for my permission. This can be very annoying especially you are installing many softwares. A work-around for this is opening a command prompt with admin privileges and using that for moving and installing stuff.

Another way of doing this is by opening the explorer.exe process with admin privileges. This doesn’t work by default as opening explorer.exe doesn’t create a new instance of it. To make explorer.exe open new instances every time you have to enable it. It can be enabled by opening any folder, selecting organize from the toolbar -> Folder and Search options -> View (tab) and check the option "Launch folder windows in separate process".

That’s it, now whenever you open explorer.exe from the Vista start menu with admin privileges by right clicking it, any process that you open from inside it will not prompt you for confirmation and thus saving you the headache as you will be in admin mode inside that window.