Marc EdwardsI can confirm Creative Cloud has added to my /etc/hosts file.
Adobe secretly modifies your hosts file for the stupidest reason: https://www.osnews.com/story/144737/adobe-secretly-modifies-your-hosts-file-for-the-stupidest-reason/
Rachel Rawlings@marcedwards How is it being modified when /etc/hosts is owned by root? An after-install script run by the package manager?
@linuxandyarn Good question! I’m not sure. I guess at some point it asks for and gets admin privileges? It’s been a while since I installed Adobe CC, so I can’t remember.
Daniel Schildt@marcedwards @linuxandyarn At least on Windows, only way to install Adobe products is to give them system level access to everything. Creative Suite installs many background services, that in the past (back in 2017-) were essentially Node.js applications. So your desktop computer has a built-in web server that has been there for almost a decade, accessible via local ports.
Adobe's included Node.js server could be used to run any custom code, not only their own. Essentially an attacker could use it to run extra bits of code that would be hidden inside Adobe's software.
@autiomaa @marcedwards Christ. There are days I want to day-drink just being a Linux admin. If I were responsible for Windows users with that shiz I'd be hospitalized.
(Also, today I learned Windows might have /etc/hosts; I assumed the OP had a Mac.)
@linuxandyarn @marcedwards Yeah, Windows has those tools from FreeBSD. Parts of Windows network stack were originally from FreeBSD, and Microsoft has bern using BSD licensed software for decades. Core parts of Azure were also running on top of FreeBSD (already a decade ago).
Ricci Adams@linuxandyarn @marcedwards At least on my machine, Adobe adds some items to /Library/PrivilegedHelperTools. These will have root access.