The result is a privilege escalation attack, which assumes an attacker has already gained initial access to the target system
Contrary opinion: I'd rather have a world in which everyone is always root on their machine and trusts all their software --- regardless of how mistaken that trust can be --- than the current trend of using "privilege separation" to take away freedom and control, create walled gardens, and silo applications from interoperating with each other. I have had little care for privilege escalation "attacks" ever since I realised that in practice they are so common, and also quite harmless (or sometimes even freedom-enabling), that it's often a way to feed the security-paranoia news machine and further drive users into the increasingly restrictive regimes of non-general-purpose computing.
That said, I didn't install Zoom, but rather use a standard SIP client to join. As others have mentioned, using a browser is also possible when SIP is not an option.
Contrary opinion: I'd rather have a world in which everyone is always root on their machine and trusts all their software --- regardless of how mistaken that trust can be --- than the current trend of using "privilege separation" to take away freedom and control, create walled gardens, and silo applications from interoperating with each other. I have had little care for privilege escalation "attacks" ever since I realised that in practice they are so common, and also quite harmless (or sometimes even freedom-enabling), that it's often a way to feed the security-paranoia news machine and further drive users into the increasingly restrictive regimes of non-general-purpose computing.
That said, I didn't install Zoom, but rather use a standard SIP client to join. As others have mentioned, using a browser is also possible when SIP is not an option.