Hi all,
I'm writing an application that will be run by a normal user, and it needs to be able to set the configuration for the network adapter (I don't love the idea, but the client wants what the client wants). Basically, the user, within this application, needs to be able to set the IP address (static or DHCP), subnet, etc.
The application is a Qt app written in Python. Naturally, I don't want them to run the app as root, so I need a normal user to be able to bring ethernet interfaces up and down, change settings, etc. Since this is an Arch Linux installation, this is normally done with netctl and the profile configuration files in /etc/netctl. However, netctl is a wrapper around systemctl, and you still need to be root to use it.
So, I figured the easiest thing to do would be to grant the user sudo permissions with NOPASSWD for /usr/bin/netctl. In my sudoers file, I just added
Code:
normaluser ALL=NOPASSWD: /usr/bin/netctl
My normal user can then run "sudo netctl start|stop|status profile_name", and that user can bring the interface up and down without entering the password (which would be awkward in a GUI). If the user tries to do something nasty and run "sudo systemctl whatever", sudo won't allow it. So far, so good.
Now I'll just use the Python subprocess module to run netctl from my application. That seems secure enough, while still allowing the behavior the client needs. My question for you is... where do you see this blowing up in my face? Do you have any suggestions for improved security? Have I missed something in my sudo configuration that is a vulnerability? Better ideas altogether for how to handle this task? I'd appreciate any thoughts.
Thanks!