severity 845459 normal merge 819107 845459 thanks Nikolaus Rath <nikol...@rath.org> writes: > Certbot from jessie-backports stores private keys > (/etc/letsencrypt/archive/*/privkey*.pem) world readable (with 0644 > permissions). It seems to me they really ought to be 0600 instead.
Hello! Thank you for this report. This is a known issue, but doesn't have any impact on security; the directory the keys are in is chmod 700. We eventually plan to migrate to the Debian /etc/ssl style structure, including permissions, however this requires a lot of work and isn't immediately a priority. Sincerely, -- Harlan Lieberman-Berg ~hlieberman
