Is there a config file I can edit to change the freenas update server from http://update.ixsystems.com/FreeNAS/ to it's HTTPS link? I'm a little surprised that this is not the default.
iX Systems puts security first. That's why they don't use HTTPS by default for the updates or the web client. Oh and the whole root for everything helps too.
Don't think this is justified--the "everything" that you need to use root for is system administration, which, well, would require root privileges anyway. If you're talking about the CLI, nothing prevents you from logging in as any other user you choose.
iX Systems puts security first. That's why they don't use HTTPS by default for the updates or the web client. Oh and the whole root for everything helps too.
I think @kdragon75's point was iX not incorporating https by default in their own infrastructure, not that they don't activate it by default in the GUI.
Don't think this is justified--the "everything" that you need to use root for is system administration, which, well, would require root privileges anyway. If you're talking about the CLI, nothing prevents you from logging in as any other user you choose.
It would make sense to run the middleware as root but have a service account interact with the middleware.
How offten to you login to a *nix box as root? You should be using a non privileged user then running the needed commands with su. That way only the commands that need root are run as root and not anything and everything coming from the user logged in as root via HTTP as default.
Actually, pretty frequently. I log in as root to do admin stuff (yes, horror of horrors, I actually log in as root, rather than as someone else and su to root), and as a non-privileged user to do non-admin stuff.
Pretty much everything that happens in the GUI would need root privileges if done at the CLI. So why is it a bad thing to have to log into the GUI as root?
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.