Check that file owner is root in UnixPlatform::check_permissions().

Author: codebutler

backend/src/osx_platform.cpp

@@ -36,6 +36,8 @@ bool OSXPlatform::run_privileged()
   OSStatus           err;
   AuthorizationFlags flags;
 
+  // FIXME: Throw exception if process is setuid but owner is not root! Right now this fails badly!
+  
   const char *path = this->path().c_str();
 
   flags = kAuthorizationFlagExtendRights | kAuthorizationFlagInteractionAllowed;
@@ -103,4 +105,4 @@ vector<InterfaceInfo> OSXPlatform::interfaces()
   CFRelease(prefs);
 
   return result; 
-}
+}

backend/src/unix_platform.hpp

@@ -58,8 +58,7 @@ class UnixPlatform : public AbstractPlatform
     m_path = string(path);
   }
 
-  bool is_root()
-  {
+  bool is_root() {
     return geteuid() == 0;
   }
 
@@ -71,7 +70,7 @@ class UnixPlatform : public AbstractPlatform
     if (err == -1)
       throw runtime_error("stat() failed");
 
-    return (file_stat.st_mode == MODE);
+    return (file_stat.st_uid == 0 && file_stat.st_mode == MODE);
   }
 
   void fix_permissions() {

xpi/modules/FiresheepSession.js

@@ -46,7 +46,7 @@ FiresheepSession.prototype = {
         // FIXME: This should really use chmod(2) directly.
         Utils.runCommand('chmod', [ 'a+x', this._core.backendPath ]);
 
-        // Tell backend to repair owner/setuid. Wil return succesfully if everything is already OK.
+        // Tell backend to repair owner/setuid. Will return succesfully if everything is already OK.
         this._process = Cc["@codebutler.com/mozpopen/process;1"].createInstance(Ci.IMozPopenProcess);
         this._process.Init(this._core.backendPath, [ '--fix-permissions' ], 1);
         this._process.Start();