Avoid permissions errors for chown .well-known #623

Open
wants to merge 1 commit into
base: dev

kevinoid

When acme.sh is run as a non-root user different from the owner of the webroot directory it is unable to change the owner of the files in .well-known to that user, causing permissions errors. Avoid this by making the files world-readable.

These files should pose no disclosure risk since they are sent in cleartext during the HTTP Identifier Validation Challenge and may already be exposed by directory enumeration, depending on server settings. AFAIK they should be safe to expose as world-readable in all cases.

Fixes #32

Thanks for considering,
Kevin

@kevinoid kevinoid force-pushed the fix-well-known-perms branch 2 times, most recently from a0bbf10 to d19308b Compare February 16, 2017 04:13
@kevinoid kevinoid force-pushed the fix-well-known-perms branch from d19308b to bf6a0e6 Compare July 29, 2017 02:45
@Neilpang Neilpang deleted the branch acmesh-official:dev January 19, 2022 12:56
@Neilpang Neilpang closed this Jan 19, 2022
@kevinoid
Author

For reference, it does not appear that the issue was fixed. I'm open to providing an alternative implementation if this one was found to be unacceptable.

@Neilpang Neilpang reopened this Jan 19, 2022
@Neilpang
Member

Sorry, it was closed by accident.

@kevinoid kevinoid force-pushed the fix-well-known-perms branch from bf6a0e6 to c90ec54 Compare November 30, 2024 23:03
When acme.sh is run as a non-root user different from the owner of the
webroot directory it is unable to change the owner of the files in
.well-known to that user, causing permissions errors.  Avoid this by
making the files world-readable.

These files should pose no disclosure risk since they are sent in
cleartext during the HTTP Identifier Validation Challenge[1] and may
already be exposed by directory enumeration, depending on server
settings.  AFAIK they should be safe to expose as world-readable in all
cases.

1.  https://ietf-wg-acme.github.io/acme/#rfc.section.7.2

Fixes acmesh-official#32
Signed-off-by: Kevin Locke <[email protected]>
@kevinoid kevinoid force-pushed the fix-well-known-perms branch from c90ec54 to 22dfedf Compare November 30, 2024 23:34
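
The approach described in the commit message above, sketched as an added example that is not the pull request's diff or acme.sh's own code: the challenge file is written by an unprivileged user under a restrictive umask and made world-readable with `chmod` instead of `chown`. The function names, the token check and the exact modes are assumptions made for illustration.

```shell
#!/bin/sh
# Added example; names and modes are hypothetical, not taken from acme.sh.

# Print the 10-character permission string of a path (e.g. -rw-r--r--).
perm_string() {
  ls -ld "$1" | cut -c1-10
}

# Write an HTTP-01 challenge response below <webroot>/.well-known/acme-challenge
# without changing ownership. The file stays owned by the invoking user and is
# made readable by everyone so that the web server account can serve it.
# usage: write_challenge <webroot> <token> <key-authorization>
write_challenge() {
  webroot=$1
  token=$2
  keyauth=$3

  # ACME tokens use the base64url alphabet; rejecting anything else keeps the
  # token from being used as a path component such as "../".
  case $token in
    '' | *[!A-Za-z0-9_-]*)
      echo "write_challenge: invalid token" >&2
      return 1
      ;;
  esac

  dir="$webroot/.well-known/acme-challenge"
  mkdir -p "$dir" || return 1

  # Under a umask such as 077 the new directories are created mode 700.
  # Other users need read and search permission on each of them.
  chmod a+rx "$webroot/.well-known" "$dir" || return 1

  # Write the response, then open it for reading only. No chown is attempted,
  # so this works when the caller is neither root nor the webroot owner.
  printf '%s' "$keyauth" > "$dir/$token" || return 1
  chmod 644 "$dir/$token"
}
```

The webroot itself and its parent directories must already be traversable by the web server user; the function only adjusts the directories it creates below `.well-known`.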