starred/terminal
1
0
Fork 0
mirror of https://github.com/microsoft/terminal.git synced 2026-02-04 05:35:20 +00:00
Code Issues 19.0k Packages Projects Releases 20 Wiki Activity

Run as Admin shortcut + elevate:true -> crash loop #18386

New Issue
Closed
opened 2026-01-31 06:12:21 +00:00 by claunia · 7 comments
claunia commented 2026-01-31 06:12:21 +00:00
Owner
Copy Link

Originally created by @ShawnXie01 on GitHub (Sep 6, 2022).

Windows Terminal version

1.14.2281.0 or preview 1.15.2282.0

Windows build number

10.0.19044.0

Other Software

No response

Steps to reproduce

  1. Install terminal regardless preview version or not.
  2. Turn on the "Run this profile as Administrator" in Profile->default
  3. Restart the terminal.

Expected Behavior

No response

Actual Behavior

https://user-images.githubusercontent.com/53345636/188541035-ff4005a1-dbfb-4ed7-8c34-3e9f8367c068.mp4

I also tried run terminal as administrator,but it seemed didn't work.

Originally created by @ShawnXie01 on GitHub (Sep 6, 2022). ### Windows Terminal version 1.14.2281.0 or preview 1.15.2282.0 ### Windows build number 10.0.19044.0 ### Other Software _No response_ ### Steps to reproduce 1. Install terminal regardless preview version or not. 2. Turn on the "Run this profile as Administrator" in Profile->default 3. Restart the terminal. ### Expected Behavior _No response_ ### Actual Behavior https://user-images.githubusercontent.com/53345636/188541035-ff4005a1-dbfb-4ed7-8c34-3e9f8367c068.mp4 I also tried run terminal as administrator,but it seemed didn't work.
claunia commented 2026-01-31 06:12:23 +00:00
Author
Owner
Copy Link

@zadjii-msft commented on GitHub (Sep 6, 2022):

Just xlinking a few issues:

Something weird is going on, for sure

@zadjii-msft commented on GitHub (Sep 6, 2022): Just xlinking a few issues: * #12369 * #13675 * #13908 Something weird is going on, for sure
claunia commented 2026-01-31 06:12:23 +00:00
Author
Owner
Copy Link

@ShawnXie01 commented on GitHub (Sep 7, 2022):

Just xlinking a few issues:

Something weird is going on, for sure

I read them before I raised the issue.I logged in as my admin user,the only user on my windows,and tried to install Terminal from the MicrosoftStore,yet it still didn't work.

@ShawnXie01 commented on GitHub (Sep 7, 2022): > Just xlinking a few issues: > > * [The new 'Run as Administrator' feature returns a 'cannot find WindowsTerminal.exe' error #12369](https://github.com/microsoft/terminal/issues/12369) > * [Run as administrator profiles do not run until terminal is ran as administrator. #13675](https://github.com/microsoft/terminal/issues/13675) > * [Open a new Administrator instance by pressing the '+' in the tab bar while pressing the Ctrl key is not working #13908](https://github.com/microsoft/terminal/issues/13908) > > Something weird is going on, for sure I read them before I raised the issue.I logged in as my admin user,the only user on my windows,and tried to install Terminal from the MicrosoftStore,yet it still didn't work.
claunia commented 2026-01-31 06:12:23 +00:00
Author
Owner
Copy Link

@zadjii-msft commented on GitHub (Oct 24, 2022):

Oh man, you know what, I think another thread might have a better repro. Copying deets here.

If a shortcut properties are set to run wt.exe as Admin
AND
Run as Admin is also set in wt app settings, new tab or the app will not start, and DesktopWindowXamlSource continuously flashes in taskbar.

Terminal ver = 1.15.2874.0
Windows ver = 10.0.19044

@zadjii-msft commented on GitHub (Oct 24, 2022): Oh man, you know what, I think another thread might have a better repro. Copying deets here. > If a shortcut properties are set to run wt.exe as Admin > AND > Run as Admin is also set in wt app settings, new tab or the app will not start, and DesktopWindowXamlSource continuously flashes in taskbar. > > Terminal ver = 1.15.2874.0 > Windows ver = 10.0.19044
claunia commented 2026-01-31 06:12:23 +00:00
Author
Owner
Copy Link

@jboelter commented on GitHub (Jan 8, 2023):

Repro'd a version of the crash loop with the default Administrator account. The issue stems from the way IsElevated() is checking for elevation.

edit: these instructions reproduce the bug; I'm not aware of a fix.

  1. Enable the default Administrator account on your machine (this account is special)
  2. Log into the account (by default no password was set); I used the "Switch User" feature (note: you probably want to set a password and/or disable the account later)
  3. Launch Terminal and change the settings to include a default elevate=true for all profiles
  4. Exit Terminal
  5. Launch Terminal (now w/ all profiles default to elevate); observe an infinite loop while it repeatedly tries to launch an elevated instance from the current instance.
image

Change the default profile settings

    "profiles": 
    {
        "defaults": { "elevate": true },
    ...

Root Cause

I built a custom dev build with some extra logging in the utils.cpp IsElevated check. The built-in Administrator account meets the criteria that it has a TokenElevationTypeDefault token and TokenIsElevated is 1. This in turn causes IsElevated() to return false.

This interacts with TerminalPage::ShouldImmediatelyHandoffToElevated which knows it wants to launch an elevated profile, but (mistakenly) thinks it is not currently elevated. This causes an infinite loop of WindowsTerminal.exe -> elevate-shim.exe while it tries to get an elevated process.

In short, the check for TokenElevationTypeDefault short circuits the elevation check to false and creates an infinite loop.

https://github.com/microsoft/terminal/blob/main/src/types/utils.cpp#L664-L673

            if (elevationType == TokenElevationTypeDefault && elevationState.TokenIsElevated)
            {
                // In this case, the user has UAC entirely disabled. This is sort of
                // weird, we treat this like the user isn't an admin at all. There's no
                // separation of powers, so the things we normally want to gate on
                // "having special powers" doesn't apply.
                //
                // See GH#7754, GH#11096
                return false;
            }

Related Docs:

TokenElevationTypeDefault: Type 1 is a full token with no privileges removed or groups disabled. A full token is only used if User Account Control is disabled or if the user is the built-in Administrator account (for which UAC disabled by default), service account or local system account.

@jboelter commented on GitHub (Jan 8, 2023): Repro'd a version of the crash loop with the default `Administrator` account. The issue stems from the way IsElevated() is checking for elevation. edit: these instructions reproduce the bug; I'm not aware of a fix. 1) Enable the default `Administrator` account on your machine (this account is special) 2) Log into the account (by default no password was set); I used the "Switch User" feature (note: you probably want to set a password and/or disable the account later) 3) Launch Terminal and change the settings to include a default elevate=true for all profiles 4) Exit Terminal 5) Launch Terminal (now w/ all profiles default to elevate); observe an infinite loop while it repeatedly tries to launch an elevated instance from the current instance. <img width="646" alt="image" src="https://user-images.githubusercontent.com/3619564/211223601-40fd21b1-4e4a-4c09-9702-8b4c5982b0fa.png"> Change the default profile settings ```json "profiles": { "defaults": { "elevate": true }, ... ``` ## Root Cause I built a custom dev build with some extra logging in the utils.cpp IsElevated check. The built-in Administrator account meets the criteria that it has a `TokenElevationTypeDefault` token and `TokenIsElevated` is 1. This in turn causes `IsElevated()` to return `false`. This interacts with `TerminalPage::ShouldImmediatelyHandoffToElevated` which knows it wants to launch an elevated profile, but (mistakenly) thinks it is not currently elevated. This causes an infinite loop of `WindowsTerminal.exe` -> `elevate-shim.exe` while it tries to get an elevated process. In short, the check for `TokenElevationTypeDefault ` short circuits the elevation check to false and creates an infinite loop. https://github.com/microsoft/terminal/blob/main/src/types/utils.cpp#L664-L673 ```cpp if (elevationType == TokenElevationTypeDefault && elevationState.TokenIsElevated) { // In this case, the user has UAC entirely disabled. This is sort of // weird, we treat this like the user isn't an admin at all. There's no // separation of powers, so the things we normally want to gate on // "having special powers" doesn't apply. // // See GH#7754, GH#11096 return false; } ``` Related Docs: **TokenElevationTypeDefault**: _Type 1 is a full token with no privileges removed or groups disabled. A full token is only used if User Account Control is disabled or if the user is the built-in Administrator account (for which UAC disabled by default), service account or local system account._
claunia commented 2026-01-31 06:12:24 +00:00
Author
Owner
Copy Link

@jboelter commented on GitHub (Jan 30, 2023):

procmon trace (screenshot) of the loop on latest 1.16.10261.0. This is running under the default Administrator account on 10.0.22621.1105 with elevate=true in the defaults.

The sequence doesn't look right given some lost events, but the PID parent/child relationships are as expected.

WindowsTerminal.exe doesn't think it's elevated (per comment above); it's launching elevate-shim which is using shell:Appsfolder with the runas verb to launch WindowsTerminal elevated and the cycle repeats.

image
@jboelter commented on GitHub (Jan 30, 2023): procmon trace (screenshot) of the loop on latest 1.16.10261.0. This is running under the default Administrator account on 10.0.22621.1105 with elevate=true in the defaults. The sequence doesn't look right given some lost events, but the PID parent/child relationships are as expected. WindowsTerminal.exe doesn't think it's elevated (per comment above); it's launching elevate-shim which is using shell:Appsfolder with the runas verb to launch WindowsTerminal elevated and the cycle repeats. <img width="1431" alt="image" src="https://user-images.githubusercontent.com/3619564/215428635-8640b46c-76ae-4813-96a2-854013ea459f.png">
claunia commented 2026-01-31 06:12:24 +00:00
Author
Owner
Copy Link

@DHowett commented on GitHub (Jan 31, 2023):

                return false;

Ah, heck. This came up in an earlier code review that we didn't end up merging, too.

We need separate checks for IsUserAnAdminInAWayThatBreaksSomeOfOurFeatures and IsUserAnAdminAtAll. Names TBD. @zadjii-msft, do you remember when that came up? Was it for elevated-state?

@DHowett commented on GitHub (Jan 31, 2023): > ```cpp > return false; > ``` Ah, heck. This came up in an earlier code review that we didn't end up merging, too. We need separate checks for `IsUserAnAdminInAWayThatBreaksSomeOfOurFeatures` and `IsUserAnAdminAtAll`. Names TBD. @zadjii-msft, do you remember when that came up? Was it for elevated-state?
claunia commented 2026-01-31 06:12:24 +00:00
Author
Owner
Copy Link

@zadjii-msft commented on GitHub (Mar 3, 2023):

image

@zadjii-msft commented on GitHub (Mar 3, 2023): ![image](https://user-images.githubusercontent.com/18356694/222755794-ae991f6d-6b8e-49de-ac94-71efdb219a76.png)
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
Reserved
A11yCO
A11yMAS
A11ySev1
A11ySev2
A11ySev3
A11yTTValidated
A11yUsable
A11yVoiceAccess
A11yWCAG
Area-Accessibility
Area-AtlasEngine
Area-AzureShell
Area-Build
Area-Build
Area-Chat
Area-CmdPal
Area-CodeHealth
Area-Commandline
Area-CookedRead
Area-DefApp
Area-Extensibility
Area-Fonts
Area-GroupPolicy
Area-i18n
Area-Input
Area-Interaction
Area-Interop
Area-Localization
Area-Output
Area-Performance
Area-Portable
Area-Quality
Area-Remoting
Area-Rendering
Area-Schema
Area-Server
Area-Settings
Area-SettingsUI
Area-ShellExtension
Area-ShellExtension
Area-ShellExtension
Area-Suggestions
Area-Suggestions
Area-TerminalConnection
Area-TerminalControl
Area-Theming
Area-UserInterface
Area-VT
Area-Windowing
Area-WPFControl
AutoMerge
Blocking-Ingestion
Culprit-Centennial
Culprit-WinUI
Disability-All
Disability-Blind
Disability-LowVision
Disability-Mobility
External-Blocked-WinUI3
Fixed
Gathering-Data
good first issue
HCL-E+D
HCL-WindowsTerminal
Help Wanted
Impact-Compatibility
Impact-Compliance
Impact-Correctness
Impact-Visual
In-PR
InclusionBacklog
InclusionBacklog-Windows TerminalWin32
InclusionCommitted-202206
Issue-Bug
Issue-Docs
Issue-Feature
Issue-Feature
Issue-Question
Issue-Samples
Issue-Scenario
Issue-Task
Needs-Attention
Needs-Author-Feedback
Needs-Bisect
Needs-Discussion
Needs-Repro
Needs-Tag-Fix
Needs-Tag-Fix
Needs-Triage
No-Recent-Activity
Priority-0
Priority-1
Priority-2
Priority-3
Product-Cmd.exe
Product-Colortool
Product-Colortool
Product-Colortool
Product-Conhost
Product-Conpty
Product-Meta
Product-Powershell
Product-Terminal
Product-WSL
pull-request
Mirrored from GitHub Pull Request
 Resolution-Answered
Resolution-By-Design
Resolution-Duplicate
Resolution-External
Resolution-Fix-Available
Resolution-Fix-Committed
Resolution-No-Repro
Resolution-Won't-Fix
Severity-Blocking
Severity-Crash
Severity-DataLoss
spam
this-will-be-a-breaking-change
Tracking-External
WindowsTerminal_Win32
Work-Item
zAskModeBug
zInbox-Bug
No Label Area-Windowing In-PR Issue-Bug Needs-Tag-Fix Priority-1 Product-Terminal
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
claunia
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/terminal#18386
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?