: Ensure that standard users do not have write access to the root of the drive or other sensitive application directories.
Older versions of NSSM (pre-2.24) had a potential DLL search-order hijacking issue. When NSSM starts, it loads certain system DLLs. If an attacker places a malicious version.dll or winmm.dll in the same directory as nssm.exe and a privileged user runs NSSM, code execution could occur. nssm-2.24 exploit
"It’s not just running code," Elias whispered to the empty server room. "It’s replacing the soul of the machine." : Ensure that standard users do not have