In my case the only device that knows where all the shared disk drives are (including names and passwords) is the CoreELEC primary server. These shared disk drives have been read-only mounted to
and shared with read-only FTP protocol like
for any other remote device (SmartPhone, PC, TV Box, …) with a unique and easy name and password without risk of the content being modified or deleted.
Although I say disks I should say directories because I never fully share a disk drive, there are always hidden and never shared parts, and I use strong SSH/SFTP access passwords for administration of the primary server. Also hidden directories, which start with ‘.’, are also inaccessible via FTP on the main server.
Does this answer your question?