non root access to ioctl for WIFI scan

Question

I'm working on implementing iwlist python version. Here is a description of how iwlist works on Linux OS How does iwlist() command scans the wireless networks? what it does is to scan all nearby wifi access points, show a list of their ESSID, MAC address, signal/noise level, etc.

iwlist uses ioctl SIOCSIWSCAN to trigger a scan. Then it uses SIOCGIWSCAN to get scan results. For security reason I have to implement this without root access. But both these two command have to be run as root. The python equivalent iwlist has been implemented already http://pythonwifi.wikispot.org/ However it uses the same ioctl.

I'm wondering if it is possible to work around this without sudo. Or, besides ioctl, if there's other ways to implement a non-sudo iwlist.

Try it. Then ask if you run into issues. We won't do your research for you. — SomeKittens, Jul 17 '12 at 13:16

score 0 · Answer 1 · answered Jul 17 '12 at 07:16

I guess you also don't want to use setuid for security reasons. You might want to try the capability system instead and set the required capability on your binary. I don't know exactly which capability you need, probably one of the CAP_NET_* or CAP_SYS_* capabilities.

non root access to ioctl for WIFI scan

1 Answers1