This is more of a security hole notification and a security feature request.
- Make Sonarr secure by default. Right now the default setting is to leave it open to the world. I haven’t added any specific forwarding rules, so I’m guessing it negotiated with UPnP on its own to open the port it uses to the outside world. Just enable security and pick a random please, I can think of half a dozen ways I can use Sonarr to remotely execute code using the default installation. I don’t even have to add my Big Booty Nurses to Sonarr for people to find it. I’m a root directory kind of guy because I want it accessible, but not THAT accessible.
- Add a restricted user account, promote current user account to admin. I want to let my friends add series for download and see the calendar, since they all watch stuff off of my Plex server. What I don’t want is to give them the ability to walk my hard drive and browse my files, so restricting them from adding folders would be good.

In general it feels like Sonarr needs a security review as well as some simple features to make it even more useful.