Re: Couldn't they just change permissions on /proc/net?
There are legitimate reasons.
There needs to be a way to uniquely identify devices on a local network.
My Android app can control many household devices like smart TVs and cable boxes, it searches using upnp and mdns.
If someone has two of the same devices on the same network (say two Samsung 43" 2018 7 series TVs) I need to be able to determine which TV they want to be able to control.
This can't be done by IP address as this changes often and although upnp provides a UUID this can sometimes change or be identical across models, so can't be used.
The MAC address is the only way to do this and you can only get this from the /proc/net/arp cache (As far as I know).