December 10, 20187 yr Author 5 hours ago, trurl said: What plugin do you mean? Plugin in general, for example, if the plugin is sandboxed / have no API or permission to access user data. If accessing user data is possible, I will reduce the number of plugin I use to a bare minimal to reduce the risk. Edited December 10, 20187 yr by Harrywong
December 10, 20187 yr Most (all) plugins do not access the array, because they are used to expand GUI functionality. Applications which need to access the array are highly preferred to run as Docker container. Docker allows explicit access rules for protection.
December 10, 20187 yr Community Expert 2 minutes ago, Harrywong said: Plugin in general, for example, if the plugin is sandboxed / have no API or permission to access user data. If accessing user data is possible, I will reduce the number of plugin I use to a bare minimal to reduce the risk. Plugins are NOT sandboxed in any way and often run with root privileges so in principle you should assume that they can access any data on the server. Plugins are also not stopped from installing components that can interfere with core UnRAID functionality. Therefore as a rule plugins are only advisable for adding additional system capability, not for running apps. if you want apps to be sandboxed then run them as docker containers. When run that way the app only has access to the paths you configure it to use and you can also control the type of access. Docker containers also have the advantage that they are less likely to ‘break’ when the system is upgraded as they are largely isolated from the underlying OS.
December 10, 20187 yr Author Thanks! Among all the plugins, the only one that I actually need is SSD trim (fstrim -v /mnt/cache/). I am personally concerned with the risk that my data could be exposed by a malicious plugin or some malicious code accidentally introduced during a plugin update. So I ended up removing all the plugins and set the SSD trim manually using crontab. Edited December 10, 20187 yr by Harrywong
December 10, 20187 yr Not sure which plugins you had installed before, but I don't think any plugin puts your system at risk. As the creator of the dynamix plugins, I am 100% sure these plugins are safe.
December 10, 20187 yr Author Thanks, dynamix plugins are great, thanks for creating them I guess I am just paranoid... Edited December 10, 20187 yr by Harrywong
December 10, 20187 yr 5 hours ago, Harrywong said: malicious plugin or some malicious code accidentally introduced during a plugin update. If that ever happened, the plugin would get immediately blacklisted, and if you have Fix Common Problems installed, it would let you know about it.
Archived
This topic is now archived and is closed to further replies.