AppInfo goes and talks to the Local Security Authority to get the elevated token of the logged in user of Session 1.The flow of runas verb is roughly as follows (if anything is wrong, please remind me): In fact, what Windows lacks is the kind of privilege implementation that does not require UI interaction, like sudo.īut implementing sudo can also be cumbersome. As far as I know, Windows Terminal does not implement any code from the Administrator to the restricted user. Windows Terminal support running in admin mode may not be a good behavior, which means that all shells in other tabs opened from Ctrl+T may be administrator privilege.