I am proposing adding a new group to the udev rules for the net interfaces. The reason I am requesting this is because when you want to run a program like qemu as a regular user, you are unable to bring up a network interface (tap device on a bridge) without having to change the permissions of /dev/net/tun.
Steps to Reproduce:
1. Run qemu as a regular user
2. Have qemu attempt to bring up a tap interface on a bridge
3. Access Problem.
warning: could not open /dev/net/tun: no virtual network emulation
Could not initialize device 'tap'
Interface would come up if the user belonged to the new "net" group. Here's an example of a device in /dev/net:
crw-rw---- 1 root net 10, 200 May 24 09:48 /dev/net/tun
After some more researching, it looks like this is not an issue. It seems that there are some abilities in libcap (set CAP_NET_ADMIN on the binary) that don't exist yet and is causing problems with qemu and tap/tun interfaces running under regular user.