sudo has no effect on native Windows executables

[igor-gorlov]

Windows Version

Microsoft Windows [Version 10.0.19045.3324]

WSL Version

1.2.5.0

Are you using WSL 1 or WSL 2?

• [X] WSL 2
• [ ] WSL 1

Kernel Version

5.15.90.1

Distro Version

Debian 12

Other Software

No response

Repro Steps

1. Install a fresh Debian instance:

   wsl --install -d debian

2. Create default user (its name does not matter, let's take admin).
3. From WSL terminal, open Windows Notepad as root:

   sudo -u root $(command -v notepad.exe)

4. Within Notepad GUI, type some random text and save it to a new file (for example, test.txt) located at \\wsl$\debian\home\admin\.
5. Close the Notepad window.
6. Again from WSL terminal, check the owner of the newly-created file:

   $ ls -l ~/test.txt

Expected Behavior

-rw-r--r-- 1 root root 9 Sep  4 19:52 /home/admin/test.txt

Actual Behavior

-rw-r--r-- 1 admin admin 9 Sep  4 19:52 /home/admin/test.txt

Diagnostic Logs

No response

[paxsali]

I'm not sure it's defined behavior to be able store native Windows "administrator" owned files when launching "outside-WSL" native Windows-binaries from sudo, from inside a unix-like environment like WSL.

It's not defined inside sudo itself (which is a project separate from WSL) and it's not defined in WSL, AFAIK.

I would start with the basic question: where did get that assumption from, that it is supposed to be like that?

Meaning, why do you think it's legitimate to be the expected behavior (as you suggested)?

Can you give a counter-example, e.g. from MSYS2 or Cygwin, where it does work like you describe unter "Expected Behavior"?

[ghost]

I don't know if this is a feature we will ever want to implement. You can try running wsl.exe, using interop, and seeing if that meets your needs. I tried using net.exe session from an admin, and a non-admin, wsl console and seemed to get the desired results.