Currently everything (streaming servers, webserver, etc.) is running as root.
With the large attack surface of highly complex streaming/media code, as well as the web interface, this is not ideal at all.
PulseAudio already has disabled authentication, so it can be used by every user on the system.
Every streaming server should have its own system user
uhttpd should run as its own user (binding to port 80? running the applyconfig-script via sudo?)
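
One way to verify the goal stated above once the services have been moved to their own users. This is an added example, not part of the original issue or the project's code. It reads text in the `/proc/<pid>/status` format and reports any service that still holds a root UID (including a leftover saved UID of 0, which would let the process regain root) and any two services that share a user. The service names `streamer-a` and `streamer-b` and all sample values are constructed for illustration.

```python
"""Audit per-service user isolation from /proc/<pid>/status text (added example)."""
from collections import defaultdict

# Constructed sample input in /proc/<pid>/status format (Uid: real, effective, saved, fs).
# "streamer-a" and "streamer-b" are hypothetical service names.
SAMPLE_STATUS = [
    "Name:\tuhttpd\nPid:\t412\nUid:\t0\t0\t0\t0\n",
    "Name:\tstreamer-a\nPid:\t530\nUid:\t1001\t1001\t0\t1001\n",
    "Name:\tstreamer-b\nPid:\t531\nUid:\t1002\t1002\t1002\t1002\n",
    "Name:\tpulseaudio\nPid:\t540\nUid:\t1002\t1002\t1002\t1002\n",
]
UID_LABELS = ("real", "effective", "saved", "fs")


def parse_status(text):
    """Return (name, pid, [real, effective, saved, fs]) for one status file."""
    fields = {}
    for line in text.splitlines():
        key, _, value = line.partition(":")
        fields[key.strip()] = value.split()
    if len(fields.get("Uid", [])) != 4 or not fields.get("Name") or not fields.get("Pid"):
        raise ValueError("not a /proc/<pid>/status excerpt")
    return " ".join(fields["Name"]), int(fields["Pid"][0]), [int(u) for u in fields["Uid"]]


def audit(status_texts):
    """Return (name, pid, reason) for every service that violates the isolation goal."""
    findings = []
    by_euid = defaultdict(list)
    for text in status_texts:
        name, pid, uids = parse_status(text)
        # Any of the four UIDs being 0 counts: a saved UID of 0 can be switched back to.
        root_ids = [label for label, uid in zip(UID_LABELS, uids) if uid == 0]
        if root_ids:
            findings.append((name, pid, "root uid: " + ",".join(root_ids)))
        else:
            by_euid[uids[1]].append((name, pid))
    # Different services on one UID can signal, trace and read each other's files.
    for euid, procs in sorted(by_euid.items()):
        if len({name for name, _ in procs}) > 1:
            findings.extend((name, pid, f"shares uid {euid}") for name, pid in procs)
    return findings


if __name__ == "__main__":
    for name, pid, reason in audit(SAMPLE_STATUS):
        print(f"{name} (pid {pid}): {reason}")
```

On a live system, pass the contents of `/proc/<pid>/status` for the PIDs of the services being checked instead of `SAMPLE_STATUS`.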