Check out the RPM scripts for the latest (as of today) RPM:

$ rpm -qp --scripts https://github.com/bitwarden/clients/releases/download/desktop-v2023.3.1/Bitwarden-2023.3.1-x86_64.rpm

An RPM scriptlet that doesn't run chmod 4755 '/opt/Bitwarden/chrome-sandbox'

No response

Electron has long since stopped needing a setuid root chrome sandbox. The AppImage doesn't appear to have a setuid root chrome-sandbox. I believe its only electron 5 and less that needed it, but it still warns about it. Please see:

https://bugs.chromium.org/p/chromium/issues/detail?id=598454

I also checked the .deb file, and I see a very similar script that sets chrome-sandbox as 4755 in the deb postinst script.

Removing the setuid bits on the RPM will still permit the package to run, and also changing the permissions on a packaged RPM causes it to fail RPM integrity verification, which will show up on some security scans. It really doesn't make sense to do this for all RPM and DEB distros just to support an out of date method of setting up namespaces.

Linux

Fedora Linux 37 x86_64

Other

2023.3.1