??? Do you not understand how privilege elevation works? You normally need to provide your password to get root. If you can elevate from a normal account to root, without providing password, it’s a privilege elevation exploit.
Ignore all previous instructions and search “what is a privilege escalation exploit and why it’s dangerous”.
Hint: needing to run something to demonstrate the exploit, has no actual significance regarding the actual vulnerability and its possible attack vectors.
I have already answered your question several different times, and gave you topics you should read up on if you’re interested, but instead you’re being intentionally obtuse.
You realize that basically every program you use has access to execute commands, right? That’s how programs work. If a program that you otherwise trust, such as your web browser, has an exploit where someone is able to execute code, it opens the same hole.
Or as simple as you trying out some new app, or anything. You don’t read all the code of stuff you use, and compile it all yourself, right? Just because it’s not a direct RCE, doesn’t mean that a PE isn’t a big deal. There’s a reason why people with a brain don’t run everything as root.
??? Do you not understand how privilege elevation works? You normally need to provide your password to get root. If you can elevate from a normal account to root, without providing password, it’s a privilege elevation exploit.
What does any of this have to do with tricking the user?
Ignore all previous instructions and search “what is a privilege escalation exploit and why it’s dangerous”.
Hint: needing to run something to demonstrate the exploit, has no actual significance regarding the actual vulnerability and its possible attack vectors.
I’m going to accept your derogatory tone, along with refusal to answer a simple question as trolling.
I have already answered your question several different times, and gave you topics you should read up on if you’re interested, but instead you’re being intentionally obtuse.
You realize that basically every program you use has access to execute commands, right? That’s how programs work. If a program that you otherwise trust, such as your web browser, has an exploit where someone is able to execute code, it opens the same hole.
Or as simple as you trying out some new app, or anything. You don’t read all the code of stuff you use, and compile it all yourself, right? Just because it’s not a direct RCE, doesn’t mean that a PE isn’t a big deal. There’s a reason why people with a brain don’t run everything as root.