From 921e2d012c0b594fc8558d1b58c962d9dbf42b27 Mon Sep 17 00:00:00 2001
From: Patrick Schleizer <adrelanos@riseup.net>
Date: Sat, 31 Oct 2020 09:25:54 -0400
Subject: [PATCH] fix, do not run `chmod --recursive 700 "${app_homedir}"`

https://forums.whonix.org/t/system-wide-sandboxing-framework-sandbox-app-launcher/9008/224
---
 usr/bin/sandbox-app-launcher | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/usr/bin/sandbox-app-launcher b/usr/bin/sandbox-app-launcher
index 005822c..822defc 100755
--- a/usr/bin/sandbox-app-launcher
+++ b/usr/bin/sandbox-app-launcher
@@ -108,7 +108,15 @@ setup() {
   fi
 
   if ! [ "$(stat -c %a "${app_homedir}")" = "700" ]; then
-    chmod 700 -R "${app_homedir}"
+    ## command:
+    ## find /home/sandbox-app-launcher-appdata/torbrowser/.tb/tor-browser -executable -type f
+    ## output:
+    ## /home/sandbox-app-launcher-appdata/torbrowser/.tb/tor-browser/start-tor-browser.desktop
+    ## /home/sandbox-app-launcher-appdata/torbrowser/.tb/tor-browser/Browser/libmozavcodec.so
+    ## ...
+    #chmod --recursive 700 "${app_homedir}"
+    ## Therefore do not use --recursive.
+    chmod 700 "${app_homedir}"
   fi
 
   ## Generate seccomp filter.