Print Page - [Solved] Web GUI as "wwwonly" user

Title: [Solved] Web GUI as "wwwonly" user - how?
Post by: OPNenthu on July 25, 2025, 12:59:00 PM

The 25.7 release announcement references this change:

Quoteo system: allow experimental feature to run web GUI privilege separated as "wwwonly" user

I don't see any option to enable this in the web GUI settings, unless I missed it. How do we try this?

Title: Re: Web GUI as "wwwonly" user - how?
Post by: Monviech (Cedrik) on July 25, 2025, 01:02:48 PM

Check out the bottom of the system settings administration page

Title: Re: Web GUI as "wwwonly" user - how?
Post by: OPNenthu on July 25, 2025, 01:07:10 PM

Ah, definitely missed it. "Strict security" option under Deployment section. Thanks @Monviech

Title: Re: [Solved] Web GUI as "wwwonly" user - how?
Post by: franco on July 25, 2025, 01:19:47 PM

Note we're still working on adjusting components to play nice. Especially legacy pages may have issues with that for now. Could be the case for plugins as well.

But it's also been progressing pretty well so far. If you use the system for API-only purposes it's relatively unlikely you will hit a bug.

Cheers,
Franco

Title: Re: [Solved] Web GUI as "wwwonly" user - how?
Post by: OPNenthu on July 25, 2025, 01:54:10 PM

Only using a few plugins as of now, but will keep an eye out.

This seems like a good security option. Thanks for adding it :)

Title: Re: [Solved] Web GUI as "wwwonly" user - how?
Post by: franco on July 25, 2025, 02:32:15 PM

Only took 10 years of planning, but we're getting there :)

OPNsense Forum

English Forums => 25.7 Series => Topic started by: OPNenthu on July 25, 2025, 12:59:00 PM