Re: [exim] Uid used to access TLS-certificates

Góra strony
Delete this message
Reply to this message
Autor: Jan Suchanek
Data:  
Dla: Timo Neuvonen
CC: exim-users
Temat: Re: [exim] Uid used to access TLS-certificates
Hi,

Timo Neuvonen wrote:

> I have exim 4.44, compiled with TLS-support, and using certificates issued
> by CA (not sef-signed).
>
> Now user 'exim' seems to be used to read the certificate files.
> Is there any way to make exim to read the certificates as root? Exim
> executable is setuid to root, so it should be possible, I think.
>
> This would allow me to have sertificate (and especially the key) files
> readable by no one but root. Kind of security problem if they are readable
> by too many users, I think.


Why not make the file readable for user "exim" only? This way no other
users can read the files either...

Greetings, Jan