If you don’t have to give people write access, make them read only. If you don’t have to expose a share via SMB, don’t! Just turn them off. The only thing these users can do is access shares. While you’re on the Users screen, go ahead and make users for yourself and others you want to have access to shares. It’s always a good idea to do as little as possible as the root account on a Linux system. So, to fix it yourself, go to the web UI and navigate to Users > Select ‘root’ > Add a Password. There’s really no excuse for this type ‘insecure by default’ philosophy when it’s so easy to fix. It’s really bad that unRAID doesn’t force you to set a root user password as part of the installation. If folks have more that I’m missing, I’d love to add them here! Add password for root Here’s my list of steps taken to secure my unRAID install. ![]() Adding the steps here will make it more secure to protect against the unlikely, yet unfortunate possibility that someone nefarious gains access to your home network. My take is that unRAID is secure enough to operate within my home network behind a firewall, not exposed to the internet. By default, unRAID has a few pretty big security vulnerabilities which should be addressed immediately after installation.
0 Comments
Leave a Reply. |