Major Security Issue In USB Shares
Posted: 21 Jan 2022, 10:22
F4-210 TOS 4.2.20
I have a major security issue with user shares to external USB devices.
On LAN users have no access and that part of ‘Permissions’ I can’t adjust.
Only ‘admin’ users can access USB devices.
This is when things are very broken in my opinion…
I have users that connect via SFTP and they have full access to USB shares and they shouldn’t be able to do that.
This is a MAJOR FAIL and needs to be addressed by Terramaster Techs ASAP. If they don’t then it seriously degrades your product and the integrity of Terramaster that claims to have security as a priority in all its products.
I found this serious flaw in your product just by using it as a first user of a Terramaster NAS, and I can’t believe you at Terramaster HQ are not aware of it.
I know that the SFTP side is broken and I am sure the boffins at Terramaster HQ should have the capability to make sure all protocols of connecting to their devices are tested before any updated TOS is released.
If it was a plane in the air that fell to the ground then it would be classed as a ‘Catastrophic Failure’
My data is important to me, the safe as other users, and a Terramaster NAS is an extension to that.
Please address this very serious issue ASAP as it is a ‘Catastrophic Failure’ when it comes to data security.
Until then your products are NOT SECURE.
I would prefer a direct response from Terramaster to my contact email address and that to be reflected in this forum.
I have a major security issue with user shares to external USB devices.
On LAN users have no access and that part of ‘Permissions’ I can’t adjust.
Only ‘admin’ users can access USB devices.
This is when things are very broken in my opinion…
I have users that connect via SFTP and they have full access to USB shares and they shouldn’t be able to do that.
This is a MAJOR FAIL and needs to be addressed by Terramaster Techs ASAP. If they don’t then it seriously degrades your product and the integrity of Terramaster that claims to have security as a priority in all its products.
I found this serious flaw in your product just by using it as a first user of a Terramaster NAS, and I can’t believe you at Terramaster HQ are not aware of it.
I know that the SFTP side is broken and I am sure the boffins at Terramaster HQ should have the capability to make sure all protocols of connecting to their devices are tested before any updated TOS is released.
If it was a plane in the air that fell to the ground then it would be classed as a ‘Catastrophic Failure’
My data is important to me, the safe as other users, and a Terramaster NAS is an extension to that.
Please address this very serious issue ASAP as it is a ‘Catastrophic Failure’ when it comes to data security.
Until then your products are NOT SECURE.
I would prefer a direct response from Terramaster to my contact email address and that to be reflected in this forum.