Then you are
bothall missing the most basic and fundamental point of this whole entire thread.
This is a portable version of calibre. It is meant to be run from a flashdrive, designed for use across computers with different user accounts and G/UIDs.
In such a case, the only solution is world read/write. The alternative is using vfat... which is also world read/write!
And yes, when you unplug and remount the drive, it easily becomes owned by the attacker, that is chmod 777 as far as I am concerned.
Are you freaking kidding me, talking about security
on a home computer when using external hard drives?
In fact,
I committed changes to the calibre-portable.sh launcher, that are designed to ensure all new files created under the scope of that launcher are created 777, in order that you can actually use the darn thing in the first place! Without making fstab rules or patching udisks-daemon to stop mounting vfat as noexec...
In this case, running chmod 777 is merely playing catch-up to my change.