Browse Source

Avoid permissions errors for chown .well-known

When acme.sh is run as a non-root user different from the owner of the
webroot directory it is unable to change the owner of the files in
.well-known to that user, causing permissions errors.  Avoid this by
making the files world-readable.

These files should pose no disclosure risk since they are sent in
cleartext during the HTTP Identifier Validation Challenge[1] and may
already be exposed by directory enumeration, depending on server
settings.  AFAIK they should be safe to expose as world-readable in all
cases.

1.  https://ietf-wg-acme.github.io/acme/#rfc.section.7.2

Fixes Neilpang/acme.sh#32
Signed-off-by: Kevin Locke <kevin@kevinlocke.name>
pull/623/head
Kevin Locke 8 years ago
parent
commit
bf6a0e6d72
  1. 20
      acme.sh

20
acme.sh

@ -3679,9 +3679,11 @@ issue() {
_debug "writing token:$token to $wellknown_path/$token"
mkdir -p "$wellknown_path"
if ! printf "%s" "$keyauthorization" >"$wellknown_path/$token"; then
# Ensure .well-known is visible to web server user/group
# https://github.com/Neilpang/acme.sh/pull/32
if ! (umask ugo+rx \
&& mkdir -p "$wellknown_path" \
&& printf "%s" "$keyauthorization" >"$wellknown_path/$token"); then
_err "$d:Can not write token to file : $wellknown_path/$token"
_clearupwebbroot "$_currentRoot" "$removelevel" "$token"
_clearup
@ -3689,18 +3691,6 @@ issue() {
return 1
fi
if [ ! "$usingApache" ]; then
if webroot_owner=$(_stat "$_currentRoot"); then
_debug "Changing owner/group of .well-known to $webroot_owner"
if ! _exec "chown -R \"$webroot_owner\" \"$_currentRoot/.well-known\""; then
_debug "$(cat "$_EXEC_TEMP_ERR")"
_exec_err >/dev/null 2>&1
fi
else
_debug "not changing owner/group of webroot"
fi
fi
fi
elif [ "$vtype" = "$VTYPE_TLS" ]; then

Loading…
Cancel
Save