+24

Fix massive security hole in GOG Galaxy Client

Added by Happschaetzu

Today I checked my file system for ACL permission rules and noticed that the GOG Galaxy client installer sets the ACL permission rule "Everyone = Full control" on its "GalaxyClient" folder and on all game folders in the subfolder "GalaxyClient\Games".
This is, with all due respect, a massive security hole in the GOG Galaxy Client installation and all games that are installed via GOG Galaxy Client.
Because when "Everyone" has full access to every folder and every file in the GalaxyClient folder, he can also modify the GOG Galaxy Client executable, and when this one is asking for admin permissions, he has full access to the whole system.
If I would write malware, this would be the way to break into the system.

No one should be able to modify files in the GalaxyClient folder except the Admins and maybe the System.
If older games need special permissions, for example for their save folders in the program directory, write access should be limited to the Domain Users.
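A read-only audit for the condition described in the post, added here as an example and not code from GOG or from the poster. The folder location is an assumption supplied through the hypothetical `-Root` parameter; the script only reads ACLs and changes nothing.

```powershell
# Added example: report every file and folder under $Root where "Everyone"
# holds an Allow ACE that permits writing, deleting or re-permissioning.
param(
    # Assumption: the path of your own GalaxyClient folder, passed by the caller.
    [Parameter(Mandatory = $true)]
    [string]$Root
)

# Well-known SID for Everyone; matching on the SID works on localized Windows.
$everyoneSid = 'S-1-1-0'

# Rights that allow replacing or tampering with an executable. FullControl and
# Modify both contain these bits, so they are caught by the same mask.
$fsr = [System.Security.AccessControl.FileSystemRights]
$writeMask = [int]($fsr::WriteData -bor $fsr::AppendData -bor $fsr::Delete -bor
                   $fsr::DeleteSubdirectoriesAndFiles -bor
                   $fsr::ChangePermissions -bor $fsr::TakeOwnership)
# Inherit-only ACEs can carry raw generic bits instead of specific rights.
$genericAll   = 0x10000000
$genericWrite = 0x40000000
$mask = $writeMask -bor $genericAll -bor $genericWrite

$items = @(Get-Item -LiteralPath $Root) +
         @(Get-ChildItem -LiteralPath $Root -Recurse -Force -ErrorAction SilentlyContinue)

$findings = foreach ($item in $items) {
    # Skip objects whose ACL cannot be read with the current token.
    try { $acl = Get-Acl -LiteralPath $item.FullName -ErrorAction Stop } catch { continue }

    # Explicit and inherited rules, with identities returned as SIDs.
    $rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])
    foreach ($rule in $rules) {
        if ($rule.IdentityReference.Value -ne $everyoneSid) { continue }
        if ($rule.AccessControlType -ne 'Allow') { continue }
        if (([int]$rule.FileSystemRights -band $mask) -eq 0) { continue }
        [pscustomobject]@{
            Path      = $item.FullName
            Rights    = $rule.FileSystemRights
            Inherited = $rule.IsInherited   # $false marks where the ACE was set
        }
    }
}

# Explicit (non-inherited) entries first: those are the ones to correct.
$findings | Sort-Object Inherited, Path | Format-Table -AutoSize -Wrap
```

Rows with `Inherited = False` show where the permissive entry was set directly; correcting those and letting inheritance propagate clears the inherited rows beneath them.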

0 comments about this wish
