I haven't investigated this, but I'd guess you could add a "chrome" user, chown the chrome directory to that user, and basically give it permission only to touch the stuff in its own directory. Would that help allay concerns about auto-updating software?
There's some convenience/security tradeoff here anyway. I don't know about you, but I don't inspect the source code of most apps I install or update.
There's some convenience/security tradeoff here anyway. I don't know about you, but I don't inspect the source code of most apps I install or update.