Permission Concept - SynoCommunity/spksrc GitHub Wiki
As most of SynoCommunity applications are content-related, and Synology DSM may be used in shared context with multiple users, security improvements have been designed.
Before DSM 6 support, all SynoCommunity applications were granted users
group
membership, allowing them to provide content to any regular DSM users or to any
other applications.
As a result, there was no way to prevent access to sensible application specific folders, and users may access any content or damage application files too.
Some technical or protocol applications accessible from network also has access
to any content readable to users
group even if not necessary, increasing risk
of file leaking in case of security hole or misconfiguration.
Access to content is control thanks to group permissions.
-
Technical or protocol applications will have no group membership, preventing access to publicly accessible content.
-
Producer application (downloader) will write files to dedicated folders with permissions granted thanks to "output groups" (
sc-download
andusers
by default) -
Consumer application (media reader, file scanner, backup...) will read files from folders granted thanks to "input groups" (
sc-download
andusers
by default) -
If an application mixes these two roles, both "input groups" and "ouput groups" can be configured seperately.
For advanced usages, wizard step proposed package installer to adapt default
"input groups" and/or "output groups" lists, like removing users
or tune per
application group membership.
Package will create standard sc-download
group for media/content related
applications.
Because of transition from previous situtation, installation wizard proposes to
enlist application in both sc-download
and users
groups by defaults.
If users
group is not granted for some applications, DSM administrator can
enlist human user accounts in sc-download
from DSM Control Panel Groups, for
them to gain access to files written by these applications.
If users
group is not part of an application "input group", DSM administrator
can apply application specific group to folders it expects to browse and read.
DSM administrator can create dedicated groups to fine control which application produces files to which audience, either human users or specific application thanks to "input groups" field at installation or upgrade wizard.