System compromised?

Status
Not open for further replies.

danb35

Hall of Famer
Joined
Aug 16, 2011
Messages
15,504
Update: The system ran fine overnight with the jails turned off. I've turned them back on and will continue to keep an eye on things.
 

Ericloewe

Server Wrangler
Moderator
Joined
Feb 15, 2014
Messages
20,194
Are the jails still 9.x jails? It might have been an odd interaction with the 10.x kernel.
 

cyberjock

Inactive Account
Joined
Mar 25, 2012
Messages
19,525
One thing I did notice as I was going through the Plex jail was that there's parameter in the Preferences.xml file called "disableRemoteSecurity", and by default with the FreeBSD packages, that's enabled. That gives anyone who wanders across your Plex server full access to your data. That's frankly an idiotic default setting, and I've now changed it.

AFAIK this is not any security issue at all. That setting, afaik, is deprecated and not used anymore. I just went to my server and I had to login with a username/password, which I've had to do since the first time I used Plex on FreeNAS in a jail.

Do you have any info to the contrary?
 

SweetAndLow

Sweet'NASty
Joined
Nov 6, 2013
Messages
6,421
I dug into this a little bit yesterday and that setting use to be configurable from the ui but got removed. If you go to your server from an external source you will get a Plex login prompt. If you manually change it I'm not sure of the behavior.
 
Status
Not open for further replies.
Top