I have sonarr, radarr, gluetun and qbittorrent with overseer allowing my family to request movies and automatically download. I only have public indexers in prowlarr (1337x, kickass torrents, etc.)

This NAS also has a lot of important data like photos and documents.

I am used to vetting my torrents pretty thoroughly before downloading but now it’s all automatic.

What level of risk am I running with my data when downloading things in this manner? Is there a chance of malware getting onto my NAS? Ransomware? Is the risk pretty minimal?

@Double_A@discuss.tchncs.de
link
fedilink
English
1
edit-2
1Y

This NAS also has a lot of important data like photos and documents.

Those should be backupped! And no, the NAS alone is not a backup, otherwise yo wouldn’t be worried.

@Policeshootout@lemmy.ca
creator
link
fedilink
English
11Y

It is backed up to a another drive that’s in a separate building. At least the most important stuff syncs.

My Password Is 1234
link
fedilink
English
71Y

You should use containers (a sandbox for each app you run). That way no malicious app can access your files. The easiest way is using Docker.

Last
link
fedilink
English
-141Y

deleted by creator

My Password Is 1234
link
fedilink
English
31Y

Actually no. I do not use root account. I have separated users for containers :P

Last
link
fedilink
English
-17
edit-2
1Y

deleted by creator

What’s the the unhelpful hostile attitude? Is it still 1996 where it’s cool to shit on people for not knowing everything about what they’re doing and call them “noobs”?

Last
link
fedilink
English
11Y

deleted by creator

RandomLegend [He/Him]
mod
link
fedilink
English
71Y

Hey buddy, you should calm down a bit. Not a single person will take anything you say serious if you present it with such a hostile attitude.

Of course anyone can talk freely here, but you should really consider your manners when conversing in our communities.

ThrDarkFlame
link
fedilink
English
91Y

You should probably contextualise this and say instead that containers make it harder for the application to affect your environment and files.

It may be possible to break out of a container.

@Policeshootout@lemmy.ca
creator
link
fedilink
English
11Y

I do use docker, I set up a docker account as well with selected permissions.

@Pulp@lemmy.dbzer0.com
link
fedilink
English
61Y

The risk of malware is probably low; Plex/Jellyfin shouldn’t execute any of it.

Check out forma the SFx if u are in windows

can i become part of your family too?

My Password Is 1234
link
fedilink
English
11Y

😂

Are you executing the files you download?

“There is no such thing as a dangerous file, only bad operating systems.”

Nordern
link
fedilink
81Y

@zergling_man @Policeshootout ok then.

*wgets to sudo bash*

You executed the file. Not the OS’ fault.

@rambos@lemm.ee
link
fedilink
English
211Y

a lot of important data

Hope you have a backup, not because of public torrents

@Policeshootout@lemmy.ca
creator
link
fedilink
English
21Y

I do have a separate backup in a separate building that syncs the most important stuff.

on linux/unix you can make partitions files non executable.

Maybe you can mount in fstab a partition with the parameter NOEXEC:

Option ‘NOEXEC’ flag in the mount command does not allow the execution of executable binaries in the mounted file system1. However, when a script (a text file that begins with she-bang line; i.e., a line that begins with #!) is given to some shells (bash), it will run the executable named on that line (e.g., /usr/bin/perl) and pass the path of the shell script as the first argument. The actual interpreter might not be on that mountpoint.


1 The mount command typically mounts a file system. (Arguably, loop-back or bind mounts may be considered an exception to this generality.) In some cases (e.g., /tmp), this file system will contain only one directory.

[0]https://superuser.com/questions/728127/what-does-noexec-flag-mean-when-mounting-directories-on-rhel

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ
!piracy@lemmy.dbzer0.com
Create a post
⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.

Rules • Full Version

1. Posts must be related to the discussion of digital piracy

2. Don’t request invites, trade, sell, or self-promote

3. Don’t request or link to specific pirated titles, including DMs

4. Don’t submit low-quality posts, be entitled, or harass others



Loot, Pillage, & Plunder

📜 c/Piracy Wiki (Community Edition):


💰 Please help cover server costs.

Ko-Fi Liberapay
Ko-fi Liberapay

  • 1 user online
  • 109 users / day
  • 273 users / week
  • 1K users / month
  • 3.5K users / 6 months
  • 1 subscriber
  • 3.4K Posts
  • 82.2K Comments
  • Modlog