Paul, > Thanks, that all looks good to me.
OK, I've pushed it. > I don't know the distinction between runas and runas /env [1] explains it. I don't think there is a security pitfall here: The responsibility is with the user who runs a 'runas' command or installs a scripts that runs 'runas'. > I was concerned that simply using getenv would introduce security problems. > Bruno's patch contains a comment > containing the sort of explanation I was looking for. More details: The security problems are mitigated by the fact that the OS asks the user before running a program with elevated privileges - even in the case where the executable is configured to always run with elevated privileges [2]. In native Windows, a program cannot run code with elevated privileges without the user being aware of it. There is the "task scheduler trick" [3] but it too requires action by an administrator. Bruno [1] http://ss64.com/nt/runas.html [2] http://superuser.com/questions/604927/how-do-i-configure-my-application-to-run-as-administrator-automatically [3] http://www.howtogeek.com/howto/windows-vista/create-administrator-mode-shortcuts-without-uac-prompts-in-windows-vista/
