• @stown
    link
    English
    341 year ago

    I’ll answer because I found the information. It appears that the attacker would need to rely on physical access to the machine OR another exploit that lets them access the computer remotely.

    • @The_Cleanup_Batter
      link
      English
      131 year ago

      So the best security is still keeping your computer behind a locked door and not clicking on suspicious stuff?

    • @[email protected]
      link
      fedilink
      English
      6
      edit-2
      1 year ago

      Or they could just get you to execute the command without your knowledge (eg: all the people who just blindly copy-paste commands, or pipe scripts from the net into sudo). Or it could be a compromised github account/repo (supply-chain attack). Or even the ol’ techsupport scam where they get gullible users to install stuff…