Understanding UMS security model
Posted: Thu Sep 30, 2021 11:49 pm
I have now read https://github.com/UniversalMediaServer ... nd-Privacy several times and did several basic tests using different configurations.
After reading and testing a lot I get the impression (please somebody correct me) that there is not really a true Security-and-Privacy model in UMS that deserves this label. From my understanding there is NO way to make a single folder only VISIBLE and ACCESSIBLE from just one renderer. Is this correct? I know there is the PIN option but that is very annoying to use but doesn't solve the VISIBILITY problem. The folder is VISIBLE to all (especially all new devices) in the network.
Is this really how UMS does Security-and-Privacy? I still cannot believe this is the truth. Please somebody correct me. Maybe I am missing something?! Because the way this is done seems like somebody put a lot of work into the task to make Security-and-Privacy as maximally meaningless as possible. I don't want to sound arrogant (truly) but if this is the Security-and-Privacy model I wonder if the UMS devs want to make fun of its users? This is a joke!
And before somebody comes and tells me, this is DLNA/UPnP and it is technically possible to do it any other way: UMS is not the only DLNA-compliant UPnP Media Server. Other servers solve this by having a global option where you enter all folders you want to share to all renderers and then a per-renderer setting to add additional folders to a certain renderer. This is clean. This works. This does not need a PIN.
Why does UMS have a ip_filter option that works but it cannot restrict visibility and access of certain folder without PIN to certain renderers based on their IP?
Does anybody working on UMS realize how normal home networks look in reality? There is a constantly shifting number of renderers. New smartphones and tablets are bought regularly and connected to the network. Guest visiting get WLAN access. Every laptop and PC with VLC is a renderer. If there is NO way to tell UMS I only want a certain folder to be visible and accessible ONLY from renderer with IP 192.168.178.22, then UMS is absolutely unusable in a common real home network! What are users supposed to do? Keep track of every device added to a network and immediately add extensive configuration to UMS to restrict visibility and access of globally shared folders to that devices? This is so very unrealistic and a total configuration hell with multiple ways that things go wrong and devices get access to a folder when they shouldn't.
Why the hell is there a per-renderer .conf file option if you cannot add folders that are NOT in the global configuration? This is so dum I don't have words to explain how dum this is.
AGAIN: maybe I am wrong and I don't use the configuration correctly. Then I want to humbly apologize and ask for your forgiveness.
After reading and testing a lot I get the impression (please somebody correct me) that there is not really a true Security-and-Privacy model in UMS that deserves this label. From my understanding there is NO way to make a single folder only VISIBLE and ACCESSIBLE from just one renderer. Is this correct? I know there is the PIN option but that is very annoying to use but doesn't solve the VISIBILITY problem. The folder is VISIBLE to all (especially all new devices) in the network.
Is this really how UMS does Security-and-Privacy? I still cannot believe this is the truth. Please somebody correct me. Maybe I am missing something?! Because the way this is done seems like somebody put a lot of work into the task to make Security-and-Privacy as maximally meaningless as possible. I don't want to sound arrogant (truly) but if this is the Security-and-Privacy model I wonder if the UMS devs want to make fun of its users? This is a joke!
And before somebody comes and tells me, this is DLNA/UPnP and it is technically possible to do it any other way: UMS is not the only DLNA-compliant UPnP Media Server. Other servers solve this by having a global option where you enter all folders you want to share to all renderers and then a per-renderer setting to add additional folders to a certain renderer. This is clean. This works. This does not need a PIN.
Why does UMS have a ip_filter option that works but it cannot restrict visibility and access of certain folder without PIN to certain renderers based on their IP?
Does anybody working on UMS realize how normal home networks look in reality? There is a constantly shifting number of renderers. New smartphones and tablets are bought regularly and connected to the network. Guest visiting get WLAN access. Every laptop and PC with VLC is a renderer. If there is NO way to tell UMS I only want a certain folder to be visible and accessible ONLY from renderer with IP 192.168.178.22, then UMS is absolutely unusable in a common real home network! What are users supposed to do? Keep track of every device added to a network and immediately add extensive configuration to UMS to restrict visibility and access of globally shared folders to that devices? This is so very unrealistic and a total configuration hell with multiple ways that things go wrong and devices get access to a folder when they shouldn't.
Why the hell is there a per-renderer .conf file option if you cannot add folders that are NOT in the global configuration? This is so dum I don't have words to explain how dum this is.
AGAIN: maybe I am wrong and I don't use the configuration correctly. Then I want to humbly apologize and ask for your forgiveness.