by zuuow 2497 days ago
As if a virus really needed administrator access for anything...

Maybe to fuck up your machine... but if they want to snoop on your passwords, encrypt your files, mine bitcoin, participate in a DoS attack... they can do that without elevating.

1 comments

You could even replace every command I run with a malware version simply by altering the $PATH in ~/.bashrc. If you manage to replace, say, apt-get with a malware version, you'll get admin permissions every time I run `sudo apt-get ...`.
If your sudo is configured correctly it will have an administrator-defined PATH. However, if you have sudo privs to run apt-get, anything that could manipulate your rc files can just run sudo apt-get on its own. No need to trick you.
Unless it doesn't have your password, and sudo is configured to require auth to elevate. This is the STIG requirement for this exact reason.

Edit: of course, it could just manipulate the path to include its own evil sudo wrapper, but the chess match always sounds like this.
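
A defender's check for the PATH shadowing discussed in this thread, as an added example that is not part of any comment: it reports commands (including `sudo` itself) that a user's PATH resolves to a different file than an administrator-defined PATH would. The function names `resolve` and `audit_shadowing` are hypothetical, and the trusted PATH is supplied by the caller.

```sh
#!/bin/sh
# Added example (hypothetical helper names). Checks PATH lookup only;
# aliases and shell functions set in rc files are out of scope.

# resolve NAME PATH_STRING -> print the first executable match, as the shell would
resolve() (
    name=$1
    IFS=:
    set -f                          # no globbing while splitting the PATH string
    for dir in $2; do
        [ -n "$dir" ] || dir=.      # empty PATH entry means the current directory
        if [ -f "$dir/$name" ] && [ -x "$dir/$name" ]; then
            printf '%s\n' "$dir/$name"
            exit 0
        fi
    done
    exit 1
)

# audit_shadowing USER_PATH TRUSTED_PATH CMD...
# Prints one line per shadowed command; exit status 1 if any was found.
audit_shadowing() (
    user_path=$1
    trusted_path=$2
    shift 2
    found=0
    for cmd in "$@"; do
        seen=$(resolve "$cmd" "$user_path") || continue
        want=$(resolve "$cmd" "$trusted_path") || want="(not in trusted path)"
        # -ef: same underlying file, so symlinked dirs (/bin -> /usr/bin) do not alarm
        if ! [ "$seen" -ef "$want" ]; then
            printf 'SHADOWED %s: user PATH runs %s, trusted PATH runs %s\n' \
                "$cmd" "$seen" "$want"
            found=1
        fi
    done
    exit "$found"
)

# When run as a script: audit.sh "$PATH" <trusted-path> sudo apt-get ...
if [ "$#" -ge 3 ]; then
    audit_shadowing "$@"
fi
```

A clean result only covers PATH lookup at the moment of the check; it says nothing about processes already running as the user.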