NickF
Guru
- Joined
- Jun 12, 2014
- Messages
- 763
Stability was the point I was trying to make but it seems I’ve made a mistake. I thought this was a post regarding Intel ARC when I got an email notifications about it.Totally agree that security comes first.
But my same point about stability applies to this situation anyway, so it’s not all for nothing I guess. To your question:
While I do believe there will be security implications, the problem here is more in regards to stability. I don’t want to muddy the waters going into ACLs.Are you saying that mapping a network share in a container compromises the security of the entire server?
Hostpath mounting a directory from the host to a container does not function the same way as mounting a SMB share. There are “rules” in SMB to safeguard concurrent access to the same file, that hostpath mounting will not respect, understand or even be aware of. What that means is if any of your data may be written to via the hostpath mount you may create data corruption in instances where the container and a SMB client are trying to write to or potentially even access the same files.
For Plex specifically, I think disabling the validation check box may be safe enough, but that’s a call that you need to make about your data. A lot of that depends on what post processing you may be doing to your media library