Acme.sh runs arbitrary commands from a remote server

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com

CodeRabbit: AI Code Reviews for Developers
Revolutionize your code reviews with AI. CodeRabbit offers PR summaries, code walkthroughs, 1-click suggestions, and AST-based analysis. Boost productivity and code quality across all major languages with each PR.
coderabbit.ai
featured
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured
  • acme.sh

    A pure Unix shell script implementing ACME client protocol

    Looks like they are issuing under a sub-CA of "ssl.com" according to https://github.com/acmesh-official/acme.sh/issues/4659#issue...

    Interestingly, the mozilla dev-security-policy group seems to contain a recent discussion about including "ssl.com" in the root store here https://groups.google.com/a/mozilla.org/g/dev-security-polic...

    Curious to know if this could, maybe it should, have ripple effects to the various SSL Root CA programs. Having someone run a subCA that actually exploits an RCE against ACME clients doesn't seem very trustworthy, and any CA enabling this behaviour should probably be kicked out of the trust stores?

  • CodeRabbit

    CodeRabbit: AI Code Reviews for Developers. Revolutionize your code reviews with AI. CodeRabbit offers PR summaries, code walkthroughs, 1-click suggestions, and AST-based analysis. Boost productivity and code quality across all major languages with each PR.

    CodeRabbit logo
  • sh

    Python process launching

    I usually replace shell scripts with python (using sh module: https://amoffat.github.io/sh/ for calling other scripts/programs).

  • lego

    Let's Encrypt/ACME client and library written in Go

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • Where do you get/setup certificates from for your https/ssl?

    3 projects | /r/oraclecloud | 7 Jul 2023
  • LeGo CertHub v0.9.0 with Docker Support

    13 projects | /r/selfhosted | 13 May 2023
  • Let's Encrypt is 10 years old now

    4 projects | news.ycombinator.com | 20 Nov 2024
  • Top 5 Security Practices for Web Developers

    2 projects | dev.to | 24 Jun 2024
  • Dehydrated: Letsencrypt/acme client implemented as a shell-script

    11 projects | news.ycombinator.com | 19 Apr 2024

Did you konow that Python is
the 2nd most popular programming language
based on number of metions?