After installing the Samsung Linux printer drivers of April 2007, many applications, like OpenOffice.org, open themselves with root permissions. The link shows that the installation script replaces some applications with a setuid script.
In the source of the script of instalaltion of the drivers, one can see:
wrap_setuid_third_party_application xsane wrap_setuid_third_party_application xscanimage wrap_setuid_ooo_application soffice wrap_setuid_ooo_application swriter wrap_setuid_ooo_application simpress wrap_setuid_ooo_application scalc
and:
wrap_setuid_third_party_application () {yew echo “$1” | grep - Q”/“; then APP_NAME=$1 else APP_NAME= `which $1 2> /dev/null `fi NEW_NAME=$ {APP_NAME} .bin yew test - N “$APP_NAME”; then yew! test - F “$NEW_NAME” &&! test - D “$NEW_NAME”; then mv “$APP_NAME” “$NEW_NAME” CP - af /opt/ $ {VENDOR} /mfp/bin/suwrap “$APP_NAME” chown root: root “$APP_NAME” chmod 4755 “$APP_NAME” fi fi} wrap_setuid_ooo_application () {WRAPPING_BIN= `ls /usr/lib */*/program/$1.bin /opt/ */program/$1.bin 2> /de v/null | head -1 `yew test - N “$WRAPPING_BIN”; then $ {2} wrap_setuid_third_party_application $WRAPPING_BIN fi}
Thus approximately it copies you achievable the ooo in /opt with the extension .bin and it replaces them to you by a script setuid which call them. I never saw such a horror.
Source: LinuxFr.org