• Pantherina@feddit.de
    1 year ago

    Regarding Windows, all I read is that this “admin permission dialog” is launched in some form of sandbox where no software can access it. Not sure about faking input devices though, and I am also not promoting Windows for security.

    • IAm_A_Complete_Idiot@sh.itjust.works
      1 year ago

      True, but that doesn’t necessarily matter if I can compromise the privileged app instead. I could replace it, modify it on disk, or really any number of things in order to get myself a hook into a privileged position.

      Just injecting code in some function call which launches malware.exe would do the trick. Ofc signature checks and the like can help here - but those aren’t a given. There’s any number of ways you can elevate yourself on a system based off of user security if your threat model is malicious processes. Linux (and Windows) will stop users from accessing each other’s crap by default, but not processes.

      Or: supply chain attacks. Now your official app without any modifications is malicious.
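
The "replace it, modify it on disk" point in the comment above can be audited from the defender's side. The following is an added example, not part of the thread: it walks the path of a program that runs with privileges and reports every component an untrusted account could write to. `tamper_findings`, `demo` and the temporary-directory sample are constructed for illustration, and only POSIX ownership and mode bits are checked (no ACLs, no signature verification).

```python
import os
import stat
import tempfile

def tamper_findings(path, trusted_uids=(0,)):
    """List reasons an account outside trusted_uids could modify or replace path."""
    findings = []
    current = os.path.realpath(path)  # audit the file that actually gets executed
    while True:
        st = os.stat(current)
        is_dir = stat.S_ISDIR(st.st_mode)
        kind = "directory" if is_dir else "file"
        if st.st_uid not in trusted_uids:
            findings.append(f"{kind} {current} is owned by uid {st.st_uid}")
        # A sticky directory (like /tmp) does not let users rename or delete
        # entries they do not own, so its write bits alone are not a finding.
        sticky = is_dir and bool(st.st_mode & stat.S_ISVTX)
        if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH) and not sticky:
            findings.append(f"{kind} {current} is writable by group/other")
        parent = os.path.dirname(current)
        if parent == current:  # reached the filesystem root
            return findings
        current = parent

def demo():
    """Constructed sample: a stand-in helper binary in a temporary directory."""
    base = os.path.realpath(tempfile.mkdtemp())
    bindir = os.path.join(base, "bin")
    helper = os.path.join(bindir, "helper")
    os.mkdir(bindir)
    with open(helper, "w") as fh:
        fh.write("#!/bin/sh\n")
    os.chmod(helper, 0o755)
    os.chmod(bindir, 0o755)
    trusted = (0, os.getuid())  # assumption: the current user plays the admin
    locked = [f for f in tamper_findings(helper, trusted) if base in f]
    os.chmod(bindir, 0o777)  # file untouched, but anyone may now swap it out
    loose = [f for f in tamper_findings(helper, trusted) if base in f]
    return locked, loose

if __name__ == "__main__":
    for label, result in zip(("locked down", "loose directory"), demo()):
        print(label, result)
```

The second result shows why checking the file's own mode is not enough: the helper stays `0755`, yet a writable parent directory lets it be renamed away and replaced.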