Use DBus APIs to access Network Manager instead of command line calls for better security
I would like to suggest using DBus APIs to access Network Manager instead of command line calls for better security. Command line calls are vulnerable to spoofing and tampering by other processes, while DBus APIs can use a proper authentication mechanism and access control policy to ensure only authorized messages are sent and received. Moreover, DBus APIs allow verifying the sender of a message before handling it, which can prevent malicious messages from unauthorized senders.
In the context of Flatpak, it can avoid sandbox escape if we only expose DBus instead of allowing host command execution.
Anonymous
shared this idea
-
Patrick Griffis commented
To be specific. NetworkManager exposes configuration APIs at `org.freedesktop.NetworkManager`.
At a glance upstream NetworkManager provides multiple helper libraries that can talk over dbus:
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/tree/main/src/libnm-glib-aux
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/tree/main/src/libnm-client-impl