Autor: Jan Suchanek Data: Dla: Timo Neuvonen CC: exim-users Temat: Re: [exim] Uid used to access TLS-certificates
Hi,
Timo Neuvonen wrote:
> I have exim 4.44, compiled with TLS-support, and using certificates issued
> by CA (not sef-signed).
>
> Now user 'exim' seems to be used to read the certificate files.
> Is there any way to make exim to read the certificates as root? Exim
> executable is setuid to root, so it should be possible, I think.
>
> This would allow me to have sertificate (and especially the key) files
> readable by no one but root. Kind of security problem if they are readable
> by too many users, I think.
Why not make the file readable for user "exim" only? This way no other
users can read the files either...