Re: [exim] Uid used to access TLS-certificates

Page principale
Ce message fait partie du fil suivant :
MArborescence complète du fil triée par date
M-\Timo Neuvonen à <-
M\MTony Finch à ->
Supprimer ce message
Répondre à ce message
Auteur: Jan Suchanek
Date:  
À: Timo Neuvonen
CC: exim-users
Sujet: Re: [exim] Uid used to access TLS-certificates
Hi,

Timo Neuvonen wrote:

> I have exim 4.44, compiled with TLS-support, and using certificates issued
> by CA (not sef-signed).
>
> Now user 'exim' seems to be used to read the certificate files.
> Is there any way to make exim to read the certificates as root? Exim
> executable is setuid to root, so it should be possible, I think.
>
> This would allow me to have sertificate (and especially the key) files
> readable by no one but root. Kind of security problem if they are readable
> by too many users, I think.

Why not make the file readable for user "exim" only? This way no other
users can read the files either...

Greetings, Jan





Ce message a été envoyé sur les listes de diffusion suivantes :
Exim-users
Informations sur la liste de diffusion | Messages voisins		<-[exim] Help with SMTP AuthRe: [exim] Using exim over a GPRS connection->
Tahini and Hummus and Cumin Development Archives administré par cumin AdminsLurker (version 2.3)