> viewing data is a fundamental failure of the principle of least privilege.

I read the cwe not cve, was wrong. It's still early in the morning...

seritools 10 hours ago | parent | next [-]

You are mistaken:

> The malicious code would execute in the security context of the user who opened the Markdown file, giving the attacker the same permissions as that user.

▲

mwalser 10 hours ago | parent | prev [-]

> If I read it correctly (but could be mistaken), it runs with setuid root

I am certain you are mistaken. I couldn't find anything that hints at notepad running with elevated privileges.

▲

dijit 10 hours ago | parent [-]

People very often run notepad as administrator (anything launched from administrative powershell instances will run like this).

In fact, if you enabled developer mode on your computer there's a registry key that gets set to run notepad as admin, it's: `runas /savecred /user:PC-NAME\Administrator “notepad %1”` in HKEY_CLASSES_ROOT-> * -> shell -> runas (new folder) -> (Default)

And, if I'm not totally mistaken, notepad also has the ability to reopen files as administrator, but I don't remember how to invoke it.

Regardless, notepad is a very trusted application and is often run as Administrator. Often it's more trusted than any other utility to modify system files.

▲

patates 10 hours ago | parent | next [-]

> And, if I'm not totally mistaken, notepad also has the ability to reopen files as administrator, but I don't remember how to invoke it.

I think that's a notepad plus plus feature. I had it offer to reopen itself as administrator when editing system files like HOSTS.

▲

MarleTangible 7 hours ago | parent | prev [-]

> Regardless, notepad is a very trusted application and is often run as Administrator.

Sorry to say this, but Notepad was a very trusted application now. I cannot believe that such a core utility has a 8.8 CVE, it sounds like a joke tbh.

	▲	dijit 7 hours ago \| parent [-]
		A totally valid modification to the statement I made. These are sad times.