Processed: Re: Bug#902620: certbot.service should not use root privileges

Processing commands for cont...@bugs.debian.org: > forcemerge 819107 902620 810216 Bug #819107 [certbot] certbot: Should use ssl-cert and normal Debian permissions Bug #845459 [certbot] certbot: Should use ssl-cert and normal Debian permissions Bug #859209 [certbot] certbot: pem files should belon

Bug#902620: certbot.service should not use root privileges

forcemerge 819107 902620 810216 severity 902620 normal thanks Hello Roland, We definitely want to move to using a more "Debian standard" approach to the certbot user -- especially for the keys it writes out --, but it's a complicated problem. For example, many of the certbot plugins add or alter

Bug#902620: certbot.service should not use root privileges

Package: certbot Version: 0.10.2-1 Severity: serious Tags: security Justification: 5.b Dear Maintainer, certbot.service is configured to be executed with root privileges. This leads to a potential attack vector while renewing certificates, especially when using the 'standalone' authenticator. Fo