Risk of using public trackers (lemmy.ca)

submitted 11 months ago by Policeshootout@lemmy.ca to c/piracy@lemmy.dbzer0.com

19 comments fedilink hide all child comments

I have sonarr, radarr, gluetun and qbittorrent with overseer allowing my family to request movies and automatically download. I only have public indexers in prowlarr (1337x, kickass torrents, etc.)

This NAS also has a lot of important data like photos and documents.

I am used to vetting my torrents pretty thoroughly before downloading but now it's all automatic.

What level of risk am I running with my data when downloading things in this manner? Is there a chance of malware getting onto my NAS? Ransomware? Is the risk pretty minimal?

all 22 comments

sorted by: hot top controversial new old

[-] rambos@lemm.ee 21 points 11 months ago

a lot of important data

Hope you have a backup, not because of public torrents

[-] Policeshootout@lemmy.ca 2 points 11 months ago

I do have a separate backup in a separate building that syncs the most important stuff.

[-] zergling_man@lemmy.perthchat.org 14 points 11 months ago

Are you executing the files you download?

"There is no such thing as a dangerous file, only bad operating systems."

[-] nordern@chaos.social 9 points 11 months ago

@zergling_man @Policeshootout ok then.

*wgets to sudo bash*

[-] zergling_man@lemmy.perthchat.org 13 points 11 months ago

You executed the file. Not the OS' fault.

[-] _comfortablyAverage_@lemmy.ml 11 points 11 months ago

can i become part of your family too?

[-] mypasswordis1234@lemmy.world 2 points 11 months ago

😂

[-] mypasswordis1234@lemmy.world 8 points 11 months ago

You should use containers (a sandbox for each app you run). That way no malicious app can access your files. The easiest way is using Docker.

[-] TheDarkFlame@feddit.nl 9 points 11 months ago

You should probably contextualise this and say instead that containers make it harder for the application to affect your environment and files.

It may be possible to break out of a container.

[-] Policeshootout@lemmy.ca 1 points 11 months ago

I do use docker, I set up a docker account as well with selected permissions.

[-] DivisionResult@lemmy.dbzer0.com 7 points 11 months ago

on linux/unix you can make partitions files non executable.

Maybe you can mount in fstab a partition with the parameter NOEXEC:

Option 'NOEXEC' flag in the mount command does not allow the execution of executable binaries in the mounted file system1. However, when a script (a text file that begins with she-bang line; i.e., a line that begins with #!) is given to some shells (bash), it will run the executable named on that line (e.g., /usr/bin/perl) and pass the path of the shell script as the first argument. The actual interpreter might not be on that mountpoint.

1 The mount command typically mounts a file system. (Arguably, loop-back or bind mounts may be considered an exception to this generality.) In some cases (e.g., /tmp), this file system will contain only one directory.

[0]https://superuser.com/questions/728127/what-does-noexec-flag-mean-when-mounting-directories-on-rhel