Author: Jan Ingvoldstad Date: To: Adam Spragg CC: exim users Subject: Re: [exim] Exim SSL/TLS certificate key file permissions/password?
On Tue, Sep 10, 2013 at 2:18 AM, Adam Spragg <adam@???> wrote:
> Hi Exim Users,
>
> I'm looking into getting Exim to use a TLS certificate.
>
> Looking through the documentation, it seems that the private key file for
> the
> certificate needs to have read access by the relevant exim group, and also
> must not be password protected.
>
> Is this really the case? Is there no way to have a well-secured private key
> file, password-protected and only readable by user root? Apache and Dovecot
> manage this by reading the file on startup, before dropping privileges and
> changing to their "normal" uid, and asking for the password on the
> console. Is
> Exim not able to work this way as well?
>
> I'm not happy having an unprotected private key lying about anywhere, even
> if
> its permissions were 0400 - let alone 0440 as Exim requires.
>
Then why are you happy about entering the password in a command line prompt?
In other words, if you don't trust your system's integrity, why do you
trust your system's integrity?
For server administration, having to enter the password at every proper
configuration reload is a huge hassle. It may work on the home server
scale, but even so, it is a disproportionate hassle compared to the
illusion of extra security it provides.
I think it's important to consider what it is that you're securing, and why.
I think what you're asking for is a bad idea, for no practical security
improvement.
--
Jan
