Agreed. I am currently testing 3 NAS solutions one of them being UNRAID. The other two each have their own strengths and weaknesses but the one thing they both have is the ability to have "real" linux system GROUPS and USERS with the ability to HARDEN the system.
I was taken by surprise that after creating a low privileged GROUP and USER and then using that USER to ssh into UNRAID that that user who was to have no access to the system other then its own HOME directory was able to access all the SHARES and other directories and was able to READ and WRITE even when those folders were owned by ROOT and the permissions were set to RWX - - - - - - .
I'm a belt, suspenders, duct tape, staples and paperclip kind of person. It just seems wrong not to be able to harden UNRAID and to rely solely on an external router/firewall to protect the UNRAID server.