Comment on Plex got hacked.
BackgrndNoize@lemmy.world 14 hours agoStuff like this can happen to any app, developers are only human, shit happens, but the bigger a company is, the bigger target it becomes, so there is some saftey in an open source app that’s not as popular, but then again a bigger company also has more resources to monitor for security breaches and quickly address them and push out a hot fix, can’t say I know how this works for smaller free open source apps
Sneptaur@pawb.social 13 hours ago
I think the point here is that Jellyfin doesn’t have a centralized login or website like Plex does. An attacker would have to know about your server and log into it directly to get access. If you run it in a container, there isn’t a lot they can do other than trashing your media library, which you should have protected with filesystem snapshots anyway.
purplemonkeymad@programming.dev 12 hours ago
Jellyfin doesn’t even have write access to my files. If they can get access into the container’s process then I guess they could add stuff to the web interface which could contain bad stuff.