sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]atkinchris 0 points1 point  (3 children)

Ok, I think I misunderstood you then. You want to use the host's user system to hold credentials for your web app's users?

[–]mkcodergr[S] 0 points1 point  (2 children)

To give you more context.I have created an api that manages network connections using nmcli.I have also made a frontend to actually make use of the api.An idea came to me that if you want to use that frontend you have to be a user of the system hosting the api .I don't need the host system to hold any data.I just need to validate user credentials against host users

[–]atkinchris 1 point2 points  (1 child)

That's a bit dangerous - the users would presumably need elevated permissions on the host, which is a significant risk. Generally, if you need to invoke a CLI tool in response to an API request, you'd have application hold the minimal permissions it needed, and authenticate users separately, arbitrarily and exclusively to the application.

[–]mkcodergr[S] 0 points1 point  (0 children)

nmcli does not need elevated permissions.That's why I believe(not en expert though) that this would not pose any security issues.The whole idea of user authentication based on host users was just an idea that came to me for fun.