[ec109685]

Isn’t the definition of privilege escalation going from non-root to root or did you mean that any RCE on an application gets you root.

Nit picking comment aside, I wonder if the fact that it is single-user was one of the reasons Apple did not go with it.

[saghm]

On a multi-user system, you could have one non-root user gain privileges granted to another non-root user, which I think would still be considered a privilege escalation; e.g. before the escalation, I only have access to my own home directory, but afterwards, I have access to both my own and yours.