High-risk tools in Truenas Ws
10 of the 59 tools in Truenas Ws are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
install_appExecuteInstall an app from the catalog.
-
redeploy_appExecuteRedeploy an app with its current configuration.
-
run_cloud_syncExecuteTrigger a cloud sync task to run immediately.
-
run_replicationExecuteTrigger a replication task to run immediately.
-
run_smart_testExecuteRun a SMART test on specified disks. test_type: SHORT or LONG. Note: TrueNAS 25.10 removed SMART scheduling from the API — these are manual tests only.
-
start_appExecuteStart a stopped app.
-
start_vmExecuteStart a virtual machine.
-
stop_appExecuteStop a running app.
-
stop_vmExecuteStop a virtual machine. Attempts graceful shutdown first, forces after timeout.
-
upgrade_appExecuteUpgrade an app to the latest available version.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.