by TACIXAT 2026 days ago
I expect it will be very much the same as drivers we have today, where you have some game anti-cheat rootkit that has a bug in it.

In Fuchsia's case it will be like that but the exploitation either gives you access to that driver's capabilities, or simply that driver is giving out handles with permissions insufficiently removed from them.

It will be cool to see a full system audit of capabilities, but I don't think that analysis exists yet.

1 comments

> In Fuchsia's case it will be like that but the exploitation either gives you access to that driver's capabilities, or simply that driver is giving out handles with permissions insufficiently removed from them

Yes, and then you would have to own a component in some route that received the driver-exposed capability. Either way, the tight sandboxing and compartmentalization of functionality make things difficult.

There's an example of analysis here: https://blog.quarkslab.com/playing-around-with-the-fuchsia-o...