Compromising your user account is pretty bad. Let's see:
- Often gets your SSH key. Certainly gets to use your SSH agent.
- Can easily persistently compromise your web browser.
- Can trivially exfiltrate all your data.
- Has a good chance of being able to run 'sudo'.
- Can generally break Mac OS's sandboxing. (There's no shortage of examples demonstration that Apple really doesn't try very hard to make Mac OS resist attack by programs that are sort-of-sandboxed.)
- Gets all of your privilges for all of your fancy cloud services: GitHub, your favorite cloud's admin page, your email, slack, etc.
Saying "but it wasn't root" is not much comfort, nor is it even necessarily true.
I forgot to mention that the client software does have access to your user account on the local machine as well. That's always been the case with just about all software. These days one must look into a local firewall and sandboxing for further protection.
- Often gets your SSH key. Certainly gets to use your SSH agent.
- Can easily persistently compromise your web browser.
- Can trivially exfiltrate all your data.
- Has a good chance of being able to run 'sudo'.
- Can generally break Mac OS's sandboxing. (There's no shortage of examples demonstration that Apple really doesn't try very hard to make Mac OS resist attack by programs that are sort-of-sandboxed.)
- Gets all of your privilges for all of your fancy cloud services: GitHub, your favorite cloud's admin page, your email, slack, etc.
Saying "but it wasn't root" is not much comfort, nor is it even necessarily true.