Am I being overly cautious here?

[ColHomer]

I recently started testing Apps within HexOS and installed a couple of curated apps where I noticed the process creates several public accessible storage shares as part of the install process. During my testing I switch to installing one of the apps through the TrueNAS interface instead and didn't see this behavior. Am I being overly cautious thinking that this is a pretty big security risk for when I move HexOS to being my production NAS? Should I be installing all apps through the TrueNAS interface if this continues to be a big concern for me? Thanks!

[Todd Miller]

Your not the first to ask and this post is not the first to bring it up.  So far there has been no response.

[TonyLibra]

Maybe by default it's public, but afterwards you can adjust the folder within HexOS to be private and be selective on which users have access. It's not as in-depth as the TrueNAS access options, but for someone like me who isn't well-versed in ACL access, it's a lot easier to understand and navigate.

[ColHomer]

1 hour ago, Todd Miller said:

Your not the first to ask and this post is not the first to bring it up.  So far there has been no response.

I thought I remember reading something like this awhile back and not seeing an explanation so this checks with what I remember.

[ColHomer]

1 hour ago, TonyLibra said:

Maybe by default it's public, but afterwards you can adjust the folder within HexOS to be private and be selective on which users have access. It's not as in-depth as the TrueNAS access options, but for someone like me who isn't well-versed in ACL access, it's a lot easier to understand and navigate.

Great point! I'll try and do some testing on this and see if that works.. The TrueNAS app install method does look to be a lot more granular with both access and folder creation.