* Steve Kinney <ad...@pilobilus.net> [04-06-18 03:15]: > > > On 04/06/2018 12:05 AM, Liam R E Quin wrote: > > On Thu, 2018-04-05 at 23:40 -0400, Steve Kinney wrote: > >> > >> On 04/05/2018 09:41 PM, Liam R E Quin wrote: > >>> On Thu, 2018-04-05 at 20:42 -0400, Steve Kinney wrote: > >>>> > >>>> It /should/ be impossible for a program opened by a 'regular' > >>>> user to > >>>> run in superuser mode, unless the regular user enters the root > >>>> password. > >>> > >>> It can happen if the program's binary is owned by the root user and > >>> is > >>> mode u+s (set-userid). > >>> > >>> Liam (ankh) > >> > >> Yikes. > >> > >> One "should" not allow this either, without a very good reason... > > > > On most user applications, no, although > > ls -l /usr/bin/ | grep '^[^ ]*s' | wc -l > > gives 36 results here (many setgid rather than setuid, and not all > > owned by root, but e.g. su, sudo, umount, all have to be root-owned and > > suid.). > > > > It's possible to disable set-userid file modes from being respected > > using a mount option, but using that on the system partitions would > > break yuor system. > > Ah so. My comprehension of Linux internals is only rudimentary, but > once pointed out it's obvious that su, sudo and umount would be owned by > root - only root can do the things they enable a user with the root > password to do. > > A graphics editor or a wrapper for portable applications? Not so much. :D
not knowing flatpack, the package was probably installed using root account and took the installer account perms and file locations. if installed into root's home, would indeed have root perms, even as illogical as that would be. -- (paka)Patrick Shanahan Plainfield, Indiana, USA @ptilopteri http://en.opensuse.org openSUSE Community Member facebook/ptilopteri Registered Linux User #207535 @ http://linuxcounter.net Photos: http://wahoo.no-ip.org/piwigo paka @ IRCnet freenode _______________________________________________ gimp-user-list mailing list List address: gimp-user-list@gnome.org List membership: https://mail.gnome.org/mailman/listinfo/gimp-user-list List archives: https://mail.gnome.org/archives/gimp-user-list
