February 18, 20206 yr Just wondering if there is a best practice guide for setting up containers? I was concerned that the standard share that seems to be mapped for almost every installed container /mnt/user gives the container full access to the entire unraid server (which i get makes things easy) So i removed this from Plex as a test, and added a specific path for every single share and then amended each library and rescanned. It was a lot more work of course, and is it really worth it? Is giving a container full access to the entire share ever necessary, and is it better practice to lock it down to what it only actually needs?
February 18, 20206 yr 51 minutes ago, sdamaged said: is it better practice to lock it down to what it only actually needs? This. Best practice is to give docker containers access to only the things that they need. For instance my plex container has a read/write mount for its config /mnt/user/appdata/plex and read only mounts for my media shares /mnt/user/tv/ and /mnt/user/movies/
February 18, 20206 yr Author Hmm so really i could have just amended the main mnt/user share to read only and saved a load of work! Lol
February 18, 20206 yr 9 minutes ago, sdamaged said: Hmm so really i could have just amended the main mnt/user share to read only and saved a load of work! Lol While that is the easy path mapping to make, it's not what I would call best practice from a security point of view. Plex really doesn't need access to your banking info, or your documents, or those "special" pictures everyone hides from their wife.
Archived
This topic is now archived and is closed to further replies.