I know how to repair disk permissions. But... Who broke them?

One of the common Mac troubleshooting steps everyone always seems encouraged to try first is to "repair disk permissions" in Disk Utility.

This process usually finds random odd problems, fixes them, and on rare occasions it actually makes a difference.

But...

How on earth are random files ending up with their disk permissions changed in the first place?

That seemingly crucial operating system files are ending up randomly tampered with is actually a bit disturbing to me. What is causing this? Why after a decade of telling people to "repair permissions" hasn't some sort of lock been applied to prevent permissions from being inappropriately changed in the first place?

What is the real story here?


Solution 1:

Many factors might come into mind. A process with root privileges is the main cause.

Think about an Application that you grant permissions to install using your Admin password. This Application might not have permissions set properly for certain folders that are installed in key OS location (i.e. /Library) would cause the permissions to change.

Think about a process in an Application that is granted a root privilege and does tamper with permissions in folders incorrectly.

The idea of locking the permissions is nice, but that would be implemented at this time with a no-write permission. Unless of course there is lock-permission-only flag is used; something I don't know if it exists.