Question

I just created a second user in my computer so guests can use my Mac without the need of using my account. I did this through the GUI (Settings → Users → New User).

While trying to set up permissions and restrictions. I can see that this new user is shown as owner of some of the Applications in my Mac.

  • Why is this happening?
  • Should it be happening at all?
  • Is this Unix related, or macOS related?
Was it helpful?

Solution

Apps that are dragged into the /Applications folder by a user will be owned by that user - e.g. the Unix owner attribute will be that of the user that did the dragging. Apps from the Mac App Store and apps that were delivered via an installer package tend to have root as their owner.

drwxrwxr-x@  13 root  admin    416 28 Nov  2012 Adobe Photoshop CS6
drwxr-xr-x    3 root  wheel     96  8 Oct 12:31 Affinity Designer.app
drwxr-xr-x    3 root  wheel     96  8 Oct 12:31 Affinity Photo.app
drwxr-xr-x    3 Ben   admin     96 31 Oct 13:03 Affinity Publisher.app
drwxr-xr-x@   3 root  wheel     96 23 Jul  2019 App Store.app
drwxr-xr-x    3 Ben   staff     96  3 Oct  2012 Art Directors Toolkit 5i.app

The apps here with owner "Ben" were downloaded and dragged into the /Applications folder. The root-owned apps are OS-bundled, from the Mac App Store, or installed via a .pkg.

The group varies, but is largely irrelevant.

Should it be happening at all?

No. Creating a new user account should not change the ownership of these apps.

Is this Unix related, or macOS related?

MacOS is Unix™. But yes, it's happening at the Unix/POSIX level of file attributes.

Why is this happening?

Without more information, this is unknown. The only reason I can think of relates to User ID numbers. Every user has a unique ID number. The first user created is number 501. Subsequent accounts will be numbered 502, 503, etc.

It may be that the original account used to move these apps to the /Applications folder was deleted, and the new user account has been given the same user ID number, thus inheriting its ownerships.

You can determine the UID of a user with id -u <username>.

As long as the app has the read and execute flags set for all users, then everyone can launch the app. The ownership only matters for deleting the app.

OTHER TIPS

Obviously, you should set up the new user so that it can't "manage your computer."

And I would go on to say that "the account which you use every day" should not be able to do that, either.

Nevertheless, users do not "own" applications.

Licensed under: CC-BY-SA with attribution
Not affiliated with apple.stackexchange
scroll top