I want to apologize for both the late reply and that my security update got out to public before the release notes & notification did.
The change, which you all are seeing is a security fix. It was a security bypass from DSM 4.x, and 5.x days which is no longer needed.
This was brought to my attention by a number of users. After discussing it, we agreed it was time to put PMS back to normal.
That ‘normal’ is:
- Plex is no longer in the administrators group
- Plex no longer has elevated privileges (even though it never overtly used them).
The one danger, which some of you are experiencing is:
- You unwittingly and without your knowledge, had shares created through your admin user account which were being accessed by Plex (which also was an administrator).
- Everything “kinda worked” but not really.
- My correction does the following to normal Plex operation.
- Plex cannot access any share on your Synology unless you give it permission in Control Panel - Shared Folders - Edit the share - Permissions tab.
- It will only have those permissions you expressly grant it. None, Read/Write, or Read Only
- Your media now has an extra layer of protection from accidental deletion.
- User plex is a ‘normal user’, just like any other user account you create in DSM. No special privileges of any kind with exception of being a member of the video group so it can still access Hardware Accelerated Transcoding on those Synology models which support it.
I will do my best to get the formal Security Announcement released today (Friday - 10-May)
Chuck
