trendy wrote: ↑Tue Sep 21, 2021 9:36 am
This is a bad idea. Leave
as it is. If you need to store something as dietpi user, use
I respectfully disagree as you are unaware of my intentions.
Since I live alone and am very privacy oriented in my endeavours (multiple VPN routing policies, self-hosted recursive DNS server, firewalled at the router, expanded firewall setups on all of my PC's, etc.), I am not concerned with unauthorized access. Additionally, I have root access setup (Samba or FTP) with most of my Pi's so I can access files easier (although the Pi's running backend security do not have root access since they have access outside of my LAN).
Furthermore, this particular Pi that I am working on is my Development/Testing Pi and is not "mission-critical" to anything. I am one of those people that likes to explore new software to get familiar with it as well as to expand my intermediate knowledge of coding (in otherwords, I like to tinker with things).
Joulinar wrote: ↑Tue Sep 21, 2021 9:40 am
yes, what is the reason for trying to get web browser access to
. Due to security we decided for a different user without root-user privileges.
at the end a lot of thinks are possible even to switch file browser user.
My reason is simply to test different things as mentioned above. And as you said, there are many possiblities and I wanted to explore!
MichaIng wrote: ↑Tue Sep 21, 2021 5:39 pm
is the "root" users home directory, and it breaks the basic privacy and security ideas to grant any user access to another users home directory, most importantly the root users home directory. Home directories may contain secret private keys, like for SSH and other sensitive stuff, that must not be accessed by anyone else.
Since File Browser runs as "filebrowser" service user, this also applies to
, although much less critical.
For sharing files across users, I recommend a directory outside of any users home. If shared write permissions are required, use a shared group, like it is done with
and the "dietpi" group.
Yes, I understand that it breaks the very essence of security. After reviewing the Filebrowser website, I tried running a permissions change command but was unable to - basically the reason why I asked is because I am failing to understand Filebrower's command line syntax/structure, and with examples I can better understand it. For example, the first question I asked about accessing files outside of
helped me understand their syntax more.
Either way, I appreciate the help - no need to provide me with an answer to this question since I really don't need access to it!