On Linux, would something like Snap or Flatpak have protected them? It seems nuts that a random executable should have access to the password service.
On Linux, would something like Snap or Flatpak have protected them? It seems nuts that a random executable should have access to the password service.
Ultimately it depends on the exact mechanism here, maybe the tool/README said "Run sudo ./setup-deps" and they followed it, or something similar, not sure any sort of software isolation would have helped at that point.