
  • Yeah I think it’s just a false alarm.

    I would suggest looking into how sudoers works. It might just be that you asked caddy to do something that required root and forgot to sudo the command?

    Still double check the timestamp and verify that it was when you tinkered. Use “history” to look for previous commands and maybe the timestamp?

    The way I see it something (probably caddy) wanted to check a TLS certificate and had to concatenate all the certificate authorities to check if an adequate CA was there. And it failed to access what looks like a local CA that is autosigned? Still worth checking your CA has adequate / similar permission as the others.


  • I’m usually pretty relaxed when it comes to disclosure of vulnerabilities but this is the kind of issue where I think it would have been better to privately report the issue to the Lemmy dev and wait (a long time probably) for it to be fixed before disclosing.

    Especially since currently there are multiple people abusing the image hosting feature.

    Not a big deal, but sometimes it is actually a better practice to give an opportunity to the dev to fix something before forcing them to do so in a hurry.