Bug 394984: Elevated updates on OSX
Revision as of 19:51, 26 August 2015
Description of the problem
At present (8/2015), Firefox is installed by dragging and dropping the Firefox.app bundle from a .dmg to a directory on the local system (typically /Applications). By doing so, the ownership of the Firefox.app bundle is set to <username>:staff with permissions drwxr-xr-x. In the event that a different admin user attempts to update Firefox, the update will fail to apply because the user does not have the necessary ownership/permissions to write to the Firefox.app bundle.
Proposed solution
- Write a new binary that will be used as a Privileged Helper Tool on OSX. The only functionality in this binary will be to recursively set group ownership of a directory to "admin" and recursively set "write" permission for the group on said directory after proper elevation.
- In the event that the updater is unable to write to the Firefox.app directory (bug 394984), launch the Privileged Helper Tool.
- The Privileged Helper Tool prompts for administrative username and password to run as root.
- If credentials were entered correctly, the Privileged Helper Tool will change the group ownership to "admin" and add write permission for the group recursively on the Firefox.app bundle as follows:
<username>:admin drwxrwxr-x
- If the ownership and permissions were set successfully, the regular (unelevated) update proceeds.
- Future updates will no longer require the Privileged Helper Tool, unless ownership and/or permissions have changed in such a way that it is needed again.
If the user was unable to enter admin credentials, or if the new ownership/permissions couldn't be set successfully, the update will fail and we will increment a counter in the user's profile. Once a threshold is hit, we will no longer attempt to stage an update and will direct the user to our website for a manual install (existing workflow).
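The ownership and permission change from the proposed solution, in C, as an added example that is not code from the bug or from Mozilla. The function name `grant_group_write` and the descriptor-based traversal that refuses to follow symlinks are assumptions made here, chosen because the helper runs as root over a tree that another user can write to.

```c
#define _POSIX_C_SOURCE 200809L
#include <dirent.h>
#include <fcntl.h>
#include <grp.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper: give group `gid` ownership and write access to `name`
 * (resolved relative to parent_fd) and everything below it. 0 on success. */
int grant_group_write(int parent_fd, const char *name, gid_t gid)
{
    struct stat st;
    if (fstatat(parent_fd, name, &st, AT_SYMLINK_NOFOLLOW) != 0)
        return -1;
    if (S_ISLNK(st.st_mode))  /* regroup the link itself, never its target */
        return fchownat(parent_fd, name, (uid_t)-1, gid, AT_SYMLINK_NOFOLLOW);
    if (!S_ISREG(st.st_mode) && !S_ISDIR(st.st_mode))
        return 0;             /* leave FIFOs, sockets and devices untouched */
    /* O_NOFOLLOW makes the open fail if the entry was swapped for a symlink
     * after the check above; all changes then go through the descriptor. */
    int fd = openat(parent_fd, name, O_RDONLY | O_NOFOLLOW | O_NONBLOCK | O_CLOEXEC);
    if (fd < 0)
        return -1;
    /* Re-read the mode after fchown(), which may clear setuid/setgid bits. */
    int rc = (fchown(fd, (uid_t)-1, gid) == 0 && fstat(fd, &st) == 0 &&
              fchmod(fd, (st.st_mode & 07777) | S_IWGRP) == 0) ? 0 : -1;
    if (rc != 0 || !S_ISDIR(st.st_mode)) { close(fd); return rc; }
    DIR *d = fdopendir(fd);   /* on success the DIR stream owns fd */
    if (!d) { close(fd); return -1; }
    struct dirent *e;
    while (rc == 0 && (e = readdir(d)) != NULL)
        if (strcmp(e->d_name, ".") != 0 && strcmp(e->d_name, "..") != 0)
            rc = grant_group_write(dirfd(d), e->d_name, gid);
    closedir(d);
    return rc;
}

/* Usage: ./helper /Applications/Firefox.app  (after elevation, as root) */
int main(int argc, char **argv)
{
    struct group *gr = getgrnam("admin");   /* group named in the proposal */
    if (argc != 2 || gr == NULL) {
        fprintf(stderr, "usage: %s <bundle-dir> (needs an \"admin\" group)\n", argv[0]);
        return 2;
    }
    return grant_group_write(AT_FDCWD, argv[1], gr->gr_gid) == 0 ? 0 : 1;
}
```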