baalajimaestro/traefik
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Merge pull request #639 from discordianfish/fish/fix-acme-perm

Browse source 
Use secure mode 600 instead of 644 for acme.json
This commit is contained in:
Emile Vauge 2016-08-24 20:06:33 +02:00 committed by GitHub
parent a54c544eb4 c709a592eb
commit 1de21c86ae
1 changed files with 5 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
acme/acme.go
View file

@ -9,9 +9,6 @@ import (
"encoding/json" "encoding/json"
"errors" "errors"
"fmt" "fmt"
log "github.com/Sirupsen/logrus"
"github.com/containous/traefik/safe"
"github.com/xenolf/lego/acme"
"io/ioutil" "io/ioutil"
fmtlog "log" fmtlog "log"
"os" "os"
@ -19,6 +16,10 @@ import (
"strings" "strings"
"sync" "sync"
"time" "time"
log "github.com/Sirupsen/logrus"
"github.com/containous/traefik/safe"
"github.com/xenolf/lego/acme"
) )
// Account is used to store lets encrypt registration info // Account is used to store lets encrypt registration info
@ -481,7 +482,7 @@ func (a *ACME) saveAccount() error {
if err != nil { if err != nil {
return err return err
} }
return ioutil.WriteFile(a.StorageFile, data, 0644) return ioutil.WriteFile(a.StorageFile, data, 0600)
} }
func (a *ACME) getDomainsCertificates(client *acme.Client, domains []string) (*Certificate, error) { func (a *ACME) getDomainsCertificates(client *acme.Client, domains []string) (*Certificate, error) {