uld belong to group ssl-cert
Bug #893738 [certbot] certbot: Should use ssl-cert and normal Debian permissions
Bug #902620 [certbot] certbot.service should not use root privileges
Severity set to 'normal' from 'serious'
Marked as found in versions python-certbot/0.8.1-2 and
python-certbot/0.8.1-2~bpo
forcemerge 819107 902620 810216
severity 902620 normal
thanks
Hello Roland,
We definitely want to move to using a more "Debian standard" approach
to the certbot user -- especially for the keys it writes out --, but
it's a complicated problem. For example, many of the certbot plugins
add or alter
Package: certbot
Version: 0.10.2-1
Severity: serious
Tags: security
Justification: 5.b
Dear Maintainer,
certbot.service is configured to be executed with root privileges.
This leads to a potential attack vector while renewing certificates,
especially when using the 'standalone' authenticator.
3 matches
Mail list logo
