People are doing too much HackTheBox or the like, I guess … where you always have some entry point and then need to do privesc to get the root flag.

Then they are forgetting how much untrusted software they are running as their user account that can do much damage without needing to do privilege escalation to root.