On 4/26/17 12:41 PM, Theo de Raadt wrote:

I haven't seen anyone mention acme.sh yet--a shell script for
letsencrypt with no external dependencies.

https://github.com/Neilpang/acme.sh
No external dependencies, and no security foundations.

No privsep, no clear separation.

Using pretty much every unsafe pattern tied to security holes in the past.

Using the openssl command *GO READ THAT CODE SOMETIME*, don't go read
the libressl one, go read upstream openssl command source.

No attempt at security.

Just doing the job, and assuming every mistake later can be

It's like constructing jetliners from foundational components, and by
that I mean sticks and stones.

I'm sorry, but I don't get it.  It is crazy to recommend something
that hasn't been STUDIED to ensure it dutifully tries to only perform
the task and creates no new risk.

Always good to hear from you, Theo!

acme.sh does not require root/sudoer access. For sure I run it as an unprivileged user and hope you do as well!

Jeff
