Re: which X11 app can show wifi info
On 2022-06-15 09:43:50 +0300, Reco wrote:
> Hi.
>
> On Wed, Jun 15, 2022 at 03:30:53AM +0200, Vincent Lefevre wrote:
> > On 2022-06-14 15:43:40 +0100, Brian wrote:
> > > On Tue 14 Jun 2022 at 13:15:56 +0200, Vincent Lefevre wrote:
> > > > No issues with iwlist and nmcli.
> > >
> > > /usr/sbin/wpa_gui and /sbin/wpa_cli should both give sensible outputs
> > > when run as root.
> >
> > For security reasons, I don't want to run them as root.
>
> First example they provide in wpa_supplicant.conf(5) shows the way to
> use wpa_cli sensibly without being root.
> One just needs to define a group for wpa_supplicant's control socket, like this:
>
> ctrl_interface=DIR=/run/wpa_supplicant GROUP=netdev
This is either overkill (with a security risk, e.g. if this can allow
the user to become root), or Debian should have done that by default.
> Add a user to a netdev group and you're set.
I'm already in the netdev group (this was done automatically at Debian
installation time).
> > The iwlist and nmcli utilities don't need root to work correctly.
>
> I don't know about iwlist, but nmcli uses dbus to communicate with
> NetworkManager. From the security standpoint, such approach clearly
> loses to the simple unix socket communication restricted by natural
> POSIX permissions.
Actually, that's iwconfig that gives interesting information, such
as the current ESSID, and it doesn't need to be run as root either.
According to strace, it uses a socket and various SIOCGIW* ioctl
calls, e.g. SIOCGIWESSID. I suppose that this is a bit like
http://papermint-designs.com/dmo-blog/2016-08-how-to-get-the-essid-of-the-wifi-network-you-are-connected-to-
(the author also used strace on iwconfig to find the method).
--
Vincent Lefèvre <vincent@vinc17.net> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)
Reply to: