Source-Changes-D archive


re: CVS commit: src/etc



Roy Marples writes:
> On 13/01/2019 10:20, matthew green wrote:
> > shouldn't one need to be root to modify network configuration?
> > i shouldn't be able to tell wpa_supplicant to do something as
> > non-root, in a default install.
> 
> In a default install the only member of wheel is root and wpa_supplicant 
> is not started.
> 
> I suppose the real question is do we want to allow group access to 
> wpa_supplicant and if so which group if not wheel?
> 
> If we don't want to allow group access I may as well revert my changes 
> and setup is then as before - the user is expected to configure 
> everything themselves and wpa_cli won't work by default. This would be a 
> shame as I've had a lot of positive feedback on this change already.

i don't want to allow configuration changes by non root.
that should be fairly obvious and not something anyone would
question.

group 'wheel' means access to root, not that it gives you
additional privs immediately.  if it did there would be no
point in having group 'wheel' -- may as well just make all
the wheel users uid 0, since that is the security provided.

it would be OK if this was _read-only_ access to network
configuration, but one should never be allowed to change
it unless root.  ie, i'm not objecting to having a better
default wpa_supplicant configuration, but don't remove
security layers in the process.

(i wouldn't pick 'wheel' as this group -- i would invent a
new group either called 'net' or 'wpa', with no underscore
since they're designed to be assigned, unlike the groups
for specific programs' security models.)


.mrg.

