Elevate privileges when reading process information

htop on OS X needs to be the superuser to read information from processes not owned by the current user. If htop doesn't have the necessary privileges, it is unable to read usage stats and the full process command line.

One workaround is to chown the htop binary to root:wheel and set the setuid bit on it, to ensure that the effective uid of htop processes is always 0 (root), but this is insecure as it allows unprivileged users to renice or send arbitrary signals to any process on the system.

This pull request makes htop drop privileges as soon as it starts and elevate back to root just when it needs to (to grab process info and command lines). Because of the way saved UID works, we can still elevate back to root after dropping privileges. This makes it safe to setuid the htop binary to root, as htop only elevates to root privileges for read operations. At all other times it's running with the privileges of the user that started it.

The downside of this patch + setuid is that it does leak process command lines to unprivileged users, which could be seen as a security issue. I don't think this is too much of a cause for concern as process command lines are readable by unprivileged users on other operating systems such as Linux and are generally treated as world readable.

0.8.2.7

Bumped version number.

0.8.2.6

Cleaned messed up process states.

0.8.2.5

Corrected wrongly named env var: HOMERC ==> HTOPRC

0.8.2.4

Fixed that htop did not show right column in header.

0.8.2.3

fix SIGSEGV fault when COLS > 178

0.8.2.2

Fixed the memory usage on Mac OS X.