• _edge
    link
    fedilink
    arrow-up
    15
    ·
    1 year ago

    Yes, that’s my understanding. A normal user cannot do this. (And of course, an attacker shouldn’t not control a local user in the first place.)

    Physical access is also a risk, but physical access trumps everything.