Comment 2 for bug 569763

Actually, I just found this from the MediaTomb documentation at http://mediatomb.cc/pages/documentation#id2856362:

"The server has an integrated filesystem browser, that means that anyone who has access to the UI can browse your filesystem (with user permissions under which the server is running) and also download your data! If you want maximum security - disable the UI completely! Account authentication offers simple protection that might hold back your kids, but it is not secure enough for use in an untrusted environment! Note: since the server is meant to be used in a home LAN environment the UI is enabled by default and accounts are deactivated, thus allowing anyone on your network to connect to the user interface."

I also confirmed the install behavior, which enables the UI by default with no user accounts. This is wrong and should be fixed in the packaging.