Exposed Capsule Directories

2023-04-25

---

My capsule currently uses Jetforce, a Python-based Gemini server. I've been quite happy with its versatility and ease of setup, and I think it works well for anyone who wants a no-nonsense hosting solution.

The invocation for Jetforce includes an "--index-file FILE" flag, which tells the server to check if a given directory contains a file named "FILE", and if so, serve that file instead of listing the directory's contents. I have enabled this flag on my server, as I suspect most others have. If the index file is not present, the server still lists the directory's contents. I did not take this fact into mind--I simply assumed the server would give a resource-not-found error.

I didn't realize this was an issue until I was testing some fixes for my todo.txt service a few days ago. I tested if the directory would automatically redirect to the index page of the script, and to my surprise, the contents of the directory were listed instead.

Fortunately I already keep all visitor data, including todo.txt files and chess data, outside the root directory of the capsule. However, this configuration oversight still exposed backend files on the server that I didn't intend to be visible.

I addressed the problem by putting placeholder index files in every directory that didn't already contain an "index.gmi" file. These placeholder indexes simply display a message and provide a link back to the root of the capsule.

If you run Jetforce, or another Gemini server that behaves similarly, I recommend checking your server settings and directory configurations to see if visitors can access file lists. In particular, ensure your capsule does not contain any sensitive data, whether or not you link to it publicly. Placeholder index files might be helpful to prevent directory scans as well.

---

Up One Level

Home

[Last updated: 2023-04-25]