I don't know who needs to hear this, but DO NOT EVER expose Jellyfin to the internet

Scary_le_Poo@beehaw.org · 1 year ago

I don't know who needs to hear this, but DO NOT EVER expose Jellyfin to the internet

troed@fedia.io · 1 year ago

It’s a list from 2021 and as a cybersec researcher and Jellyfin user I didn’t see anything that would make me say “do not expose Jellyfin to the Internet”.

That’s not to say there might be something not listed, or some exploit chain using parts of this list, but at least it’s not something that has been abused over the last four years if so.

Scary_le_Poo@beehaw.org · edit-2 23 days ago

bizarroland@fedia.io · 1 year ago

You can’t say that a solution is no security at all when it requires time and intelligence to bypass.

It is at least 0.01 security.

whats_all_this_then@programming.dev · 1 year ago

Effort or no, if an attacker can reasonably bypass it, it’s not secure. That’s why software gets security patches all the time, why encryption/hashing algorithms can fall out of favor, and why quantum computing can be pretty fucking scary.

B0rax@feddit.org · 1 year ago

No system is secure.

Scary_le_Poo@beehaw.org · edit-2 23 days ago

I don't know who needs to hear this, but DO NOT EVER expose Jellyfin to the internet

I don't know who needs to hear this, but DO NOT EVER expose Jellyfin to the internet

Collection of potential security issues in Jellyfin · Issue #5415 · jellyfin/jellyfin