diff options
| author | Guilhem Moulin <guilhem@fripost.org> | 2021-02-16 17:24:31 +0100 |
|---|---|---|
| committer | Guilhem Moulin <guilhem@fripost.org> | 2021-02-18 00:42:32 +0100 |
| commit | 2efd4458f4db7f489ecc81f4039b8e8103edf9d9 (patch) | |
| tree | 96c97c31ae1edd6b2b5bc746d1adf4d7eb8fad96 /lacme | |
| parent | c75bc6c37840b8fc2c57424d24c06a0bfe399de6 (diff) | |
Don't load configuration files from ./ by default.
This is a breaking change: lacme(8) resp. lacme-accountd(1) no longer
consider ./lacme.conf resp. ./lacme-accountd.conf as default location
for the configuration file. Doing so has security implications when
running these program from insecure directories.
Diffstat (limited to 'lacme')
| -rwxr-xr-x | lacme | 3 |
1 files changed, 1 insertions, 2 deletions
@@ -77,8 +77,7 @@ $COMMAND = $COMMAND =~ /\A(account|newOrder|new-cert|revokeCert|revoke-cert)\z/ sub set_FD_CLOEXEC($$); my $CONFFILENAME = $OPTS{config} // first { -f $_ } - ( "./$NAME.conf" - , ($ENV{XDG_CONFIG_HOME} // "$ENV{HOME}/.config")."/lacme/$NAME.conf" + ( ($ENV{XDG_CONFIG_HOME} // "$ENV{HOME}/.config") . "/lacme/$NAME.conf" , "@@sysconfdir@@/lacme/$NAME.conf" ); do { |