Privilege escalation

These privileges can be used to delete files, view private information, or install unwanted programs such as viruses.

It usually occurs when a system has a bug that allows security to be bypassed or, alternatively, has flawed design assumptions about how it will be used.

Then, an attacker may be able to exploit this assumption, in order to run unauthorized code with the application's privileges: In computer security, jailbreaking is defined as the act of removing limitations that a vendor attempted to hard-code into its software or services.

[2] A common example is the use of toolsets to break out of a chroot or jail in UNIX-like operating systems[3] or bypassing digital rights management (DRM).

A similar method of jailbreaking exists for S60 Platform smartphones, where utilities such as HelloOX allow the execution of unsigned code and full access to system files.

These include the proposal of the additional kernel observer (AKO), which specifically prevents attacks focused on OS vulnerabilities.

The result is that the application performs actions with the same user but different security context than intended by the application developer or system administrator; this is effectively a limited form of privilege escalation (specifically, the unauthorized assumption of the capability of impersonating other users).

A diagram describing privilege escalation. The arrow represents a rootkit gaining access to the kernel, and the little gate represents normal privilege elevation, where the user has to enter an Administrator username and password.
Privilege rings for the x86 available in protected mode
vectorial version
vectorial version