yes, but this is a PVR, not a PC ... this is not a full linux system ...
I don't agree.
To me the dreamboxes are fully functional linux systems which have a network connection and expose services:
try to scan your box and wonder ...
The box is conceived to be connected to a network, and there are any sort of plugins and packages to make it act as a http server, a dns server, a proxy, stream and connect to streams over the network, email and rss readers, etc.: this isn't just a receiver ... but a lot more ... practically a server and a client.
As soon as you connect the box to your home network and leave the default root password (sometimes blank) or telnet/webif as root ...
... then you are the happy owner of a potential 'zombie'
And there is normaly no reason to need multiple useraccounts on a satelite receiver ... if you login into telnet to your dreambox, you usualy install plugins and other stuff, so you need to be root. Don't know what else should be done there ...
Not using root logins is considered a (simple) best security practice.
Nevertheless:
why should we use root to use the webif?
the webif seems to work well also with unprivileged users.
... but still: why should the webif use system user logins? couldn't it simply use internal application users?
It's been like this since many many many years on dreamboxes and never someone complained about this ... so ... for what do you need it? what are you doing with your dreambox and why it needs to be available in the internet? For me it doesn't make much sense. For a PC I could understand this, but for a PVR / Dreambox !?
I don't want to change the status-quo (even if I think it is wrong), I just would like to be given the possibility to secure my box a bit more:
the cost for the potentially improved security would be just a bunch of Kb more into the images.
And yes, probably I'm the first one complaining about it