Etcher 1.5 on Mac and setuid

Since balenaEtcher requires administrative privileges to write to USB drives, we would like to setuid the executable so that a “common user” can use this tool without providing elevated credentials. Unfortunately, this does not work since executable_path cannot be in used in any binary in a setuid process. This is enforced by dyld (source here) when attempting to load the Electron framework relative to the current executable path.

testmac: ~$ chmod 4755 /Applications/
testmac: ~$ /Applications/ --debug
dyld: warning, LC_RPATH @executable_path/../Frameworks in /Applications/ being ignored in restricted program because of @executable_path
dyld: Library not loaded: @rpath/Electron Framework.framework/Electron Framework
  Referenced from: /Applications/
  Reason: image not found
Abort trap: 6

Could this be addressed by some other means? perhaps by using rpath instead of executable path as indicated here [,@load_path_and@rpath]


Hello, I don’t know if it is possible to setuid an Electron application.
If this worked, it would be a bad idea as the balenaEtcher can run any js script.
ELECTRON_RUN_AS_NODE=1 ./balenaEtcher drops you into a node REPL.