I don't doubt the power of Linux-Unix based systems at all, so my Q would be: is FreeNAS not secure enough yet to be published out there in the world? How useful would this OS be if I want to set up a public WWW and public FTP, both hosted on this PC?
It's more secure than Windows. But that's not saying much.
You have to understand that FreeBSD is reasonably secure. It is largely written by professionals, with multiple people reviewing most changes, and the source is always available for your inspection if you'd like to join them. That doesn't prevent problems from appearing. There are lots of other packages that are included with FreeBSD that the FreeBSD team did not write. If you look at the list of FreeBSD security advisories going back to 2010, you'll find 36. If you classify them, approximately half are actually problems in externally-sourced subsystems like BIND. Many of the others are attacks that are only practical if you have local access to the system, such as a shell user.
Further, you probably won't find many commonly-deployed operating systems in the service provider arena that are more secure than FreeBSD. OpenBSD may be more secure but isn't widely deployed. However, you also have to consider what is meant by "secure." The servers we deploy here would not feel all that familiar to a typical home FreeBSD user; the base system is locked down with kernel securemode and schg on most files, and superfluous suid/sgid removed on many others, there's a firewall that allows just the specific service a server was designed to run, and the service itself is usually running in a carefully segregated jail that contains no /bin/sh, rendering many common external penetration strategies useless. I consider FreeBSD secure only partly because the base OS is reasonably so. The rest of it is engineered to be so. Our latest updates of our system build tools do some other interesting things as well.
Now, as for FreeNAS... FreeNAS also adds substantial amounts of software on top of the base FreeBSD install. Those are all unknown risks; the FreeNAS guys are good at what they do, but fundamentally I don't feel that FreeNAS was built to be exposed directly to the Internet. It lacks a lot of what I would consider to be prudent steps necessary to harden a system. That's largely because it is intended to be an appliance. You can probably set it up to provide web and FTP services and it'll be about as secure as the average UNIX-based server. That's not bad, but really, it is also somewhat risky. You need to take reasonable steps to make sure you're protected, such as paying attention to the various vulnerabilities mailing lists, updating the software when updates become available, and maybe keeping an eye on your content using some secure method to make sure your content hasn't been compromised.
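
One way to do the content check mentioned at the end of the answer above, as an added example that is not part of the original post: hash every file under the web/FTP root, seal the manifest with an HMAC, and later compare the live tree against it. The function names are hypothetical, and the key and sealed manifest are assumed to be stored off the server so that someone who alters the content cannot also regenerate a valid baseline.

```python
import hashlib
import hmac
import json
import os


def _sha256(path):
    """Hash one file in chunks so large downloads do not load into memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def snapshot(root):
    """Return {relative path: fingerprint} for files and symlinks under root."""
    entries = {}
    for dirpath, dirnames, filenames in os.walk(root):
        for name in filenames + dirnames:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root)
            if os.path.islink(path):
                # Record the target rather than following it, so a file
                # swapped for a symlink shows up as a modification.
                entries[rel] = "symlink:" + os.readlink(path)
            elif os.path.isfile(path):
                entries[rel] = _sha256(path)
    return entries


def seal(entries, key):
    """Serialize a snapshot and attach an HMAC-SHA256 tag over it."""
    body = json.dumps(entries, sort_keys=True)
    tag = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
    return json.dumps({"entries": body, "tag": tag})


def verify(root, sealed, key):
    """Diff root against a sealed baseline; reject a baseline that was altered."""
    doc = json.loads(sealed)
    expected = hmac.new(key, doc["entries"].encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, doc["tag"]):
        raise ValueError("baseline manifest failed authentication")
    old, new = json.loads(doc["entries"]), snapshot(root)
    return {
        "added": sorted(set(new) - set(old)),
        "removed": sorted(set(old) - set(new)),
        "modified": sorted(p for p in old.keys() & new.keys() if old[p] != new[p]),
    }
```

Run `seal(snapshot(root), key)` right after publishing known-good content, and run `verify` from a scheduled job; any non-empty list in the result, or a `ValueError`, is the signal to investigate.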