Muse Hub installer requires admin on macOS

• Dec 20, 2022 - 15:38

Hi -- I'd like to know why the Muse Hub installer requires admin privileges on macOS. Why does it need them? What is done that I cannot do as a non-privileged user do? Thanks!


In reply to by user2442

Hi jeroen2442 -- close, but no cigar :-)

You're referring to the normal message that pops up when you download an app -- for instance, I saw the message you describe with the "MuseScore 4" app itself. It only has "Allow" and "Cancel" type buttons.

For the "MuseHub" app, something different comes up, which is a dialog specifically stating that it wants to install a helper application, which needs admin privileges. This is what I was questioning, not the ordinary Apple "app downloaded from web" yes/no box.

I would like to know what that helper app does, and why the installer feels it needs to be there, and why it has to be an admin-installed app.

As @Jojo-Schmitz mentioned above, there is a similar thing that happens on the Linux version of MuseHub, where the same question has been raised.

In reply to by chris_st

Hi Chris,

This is worth getting to the bottom of...

What I see, and what I think you are referring to, is the attached dialog.

This is in Dutch. It says, basically, that Muse Hub wants to install a helper application and asks for my password for permission. I do not see that this helper application needs admin privileges.

When I consent, and then look for processes with Hub in their name, I see

jeroen 1233 0,0 0,0 34462808 6632 ?? Ss 2:08am 0:00.02 /Applications/Muse

jeroen 1232 0,0 0,2 35194716 83396 ?? S 2:08am 0:00.87 /Applications/Muse Hub

These processes run under my userid, so do not have admin privileges. There are no other processes running with as parent either of these processes.

So my guess is that the program Muse Hub wanted to install is indeed HelperInstaller, and that seems innocent enough.

Do you see something different on your computer?

In reply to by user2442

Hi Jeroen2442,

Yup, that's the dialog. The important difference here is who is asked to install the helper application.

For me, when I get a new computer, I always set up two users: the first is my full name, and (by default) is an admin user -- this user has more privileges and can do more stuff than an "ordinary" user. Next, I set up an ordinary user using the short form of my name.

Since I always log in as the ordinary user, I run everything I normally do without admin privileges. This is safer -- if there is an application that wants to do something bad, for example install a program to track every keystroke I make and send it to some website, it won't run because I am not an admin.

And, importantly, when I get the same dialog (except in English), it's asking (quoting exactly here): "Enter an administrator's name and password to allow this." Screenshot attached.

So this program must be installed by an admin. I'm guessing that since your account is the first/default one, you have admin privileges already, and so it doesn't mention this. I'm sure if I ran it as my admin user, the "Hub" programs you found would be running as that user, not my least-privileged user.

Yes, you're right, the "hub" programs you found are running as you -- with, I believe, admin privileges.

SO: Where did this whole discussion start? With me asking why this program needs to be installed with admin privileges, and what it does. I still want to know the answers to these questions! As mentioned above, there are substantial concerns as what was found in the Linux version of Muse Hub. I have those same concerns.

Attachment Size
Dialog.png 129.21 KB

In reply to by chris_st

Hi Chris,

very astutely observed. I installed Muse Hub as admin, and the output from ps showed indeed it running as this user, thus with admin privileges. Not as bad as root, but still bad. Oops.

But all is not lost. When I logged on as plain user, the same output from ps showed that user as process owner, meaning that it ran with that user's privileges. This held for both MuseScore and Muse Hub.

I believe that, except when special flags are set on the executable, it always runs with the privileges of the user starting the program. Regardless of who owns the program.

So in the end I still believe that there is no cause for alarm. The program will do nothing that the user couldn't do otherwise.

To address your final question: I still believe that, on Mac at least, the program, once installed, has no special privileges. To install it, of course, you need to have administrative power.

Updated: since has become clear that there is also a service running as root. That opens up the whole problem again.

In reply to by user2442

Well, I have to politely disagree -- I'm glad the programs you found are running as you, but I wonder about other programs. And, I wonder about their ability to become an admin user... I know that can be done in some circumstances. I also wonder whether there are programs set up to run at (say) 2 in the morning, that won't show up in a current list of programs.

The other concern is if the Muse Hub servers get hacked, and an update is pushed with malware of some kind. In that case, we'd have admin-permission programs running and doing bad stuff. This has happened with other programs, it's not a theoretical issue.

However, if the Muse Hub programs never are run as admin users, then the "blast radius" is far more limited.

Again, the question isn't really "are these current programs bad", it's "Why do they insist on admin privileges"? It's evident from your analysis that some of them run as you, so... why do it at all? Why introduce these (serious!) security issues?

In reply to by user2442

I should add that there actually is another process which you can see if you filter process names by "muse" instead of "hub", and which indeed does run as a root. I see the following output running the ps command:

dm@01:54 ~ $  ps aux | grep -iE 'muse|hub'
root               688   0,0  0,1 34338016  25116   ??  Ss    1:54     0:00.36 /Library/PrivilegedHelperTools/com.muse.museservice
dm                 651   0,0  0,0 34199352   5112   ??  Ss    1:54     0:00.02 /Applications/Muse
dm                 647   0,0  0,4 34562324  64296   ??  S     1:54     0:01.15 /Applications/Muse Hub
dm                 732   0,0  0,0 34121368    688 s000  S+    1:54     0:00.00 grep --colour=always -iE muse|hub

where "dm" is me and "root" is apparently root, the privileged system user.

Moreover the "museservice" process does not stop when I exit Muse Hub:

dm@01:54 ~ $  ps aux | grep -iE 'muse|hub'
root               688   0,0  0,1 34258784  25096   ??  Ss    1:54     0:00.42 /Library/PrivilegedHelperTools/com.muse.museservice
dm                 782   0,0  0,0 34121368    688 s000  S+    1:55     0:00.00 grep --colour=always -iE muse|hub

So the situation here seems to be similar to what is reported for Linux (although I didn't try installing Muse Hub on Linux myself).

In reply to by jeetee

But at least it stops bittorrent traffic on my Mac.

I looked into its behaviour, in particular regarding bittorrent port 6881:

  • Out of the box, it listens on this port
  • It keeps listening on this port, even if community distribution is disabled (?)
  • It stops listening when Muse Hub is closed ("quit")
  • ... but keeps running as long as Muse Hub is installed
  • It is removed when Muse Hub is uninstalled.

In reply to by user2442

I am convinced now that, regardless of possible bad intentions of the makers (which I do not believe for a moment) it would be better to do away with the service completely. There are good alternatives to give the user virtually the same experience without exposure.

For Linux an issue was created with severity Major on this: Shouldn't there be one for MacOS as well? And for Windows, for that matter?

Do you still have an unanswered question? Please log in first to post your question.