From eb612bc4bb0a63b931d7bbefdb6e98eb09dc6ec9 Mon Sep 17 00:00:00 2001
From: AJ Mabry <81774843+aj-bw@users.noreply.github.com>
Date: Mon, 17 Nov 2025 11:06:07 -0500
Subject: [PATCH] testing setting permissions on chrome-sandbox via electron
 builder hook

---
 apps/desktop/scripts/after-pack.js | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/apps/desktop/scripts/after-pack.js b/apps/desktop/scripts/after-pack.js
index 5fc42f31ac3..7cb329b2ff9 100644
--- a/apps/desktop/scripts/after-pack.js
+++ b/apps/desktop/scripts/after-pack.js
@@ -30,6 +30,15 @@ async function run(context) {
     fse.copyFileSync(wrapperScript, wrapperBin);
     fse.chmodSync(wrapperBin, "755");
     console.log("Copied memory-protection wrapper script");
+
+    // TEST: Set SUID on chrome-sandbox during build
+    const chromeSandbox = path.join(appOutDir, "chrome-sandbox");
+    if (fse.existsSync(chromeSandbox)) {
+      fse.chmodSync(chromeSandbox, "4755");
+      console.log("✓ Set SUID permissions on chrome-sandbox (mode 4755)");
+    } else {
+      console.warn("⚠ chrome-sandbox not found at:", chromeSandbox);
+    }
   }
 
   if (["darwin", "mas"].includes(context.electronPlatformName)) {