Re: [exim] tls_certificate weirdness

On Wed, 24 Aug 2016, Jeremy Harris wrote:
> On 23/08/16 20:03, Phillip Carroll wrote:
>> The
>> fact that "tls_privatekey" must be readable by exim I presume is for
>> using STARTTLS for sending messages, although the TLS error message
>> about the "tls_privatekey" path occurred on a received message. (I
>> questioned the need for access to the private key to receive a message,
>> not considering usage in the other direction.)
>
> The Exim code telling the OpenSSL library about the private-key is in
> a routine common to both server and client initialisation.
>
> It's a fair point; we might consider making it direction-aware to
> reduce the attack surface (even though most installations will be
> doing both directions).

When a MUA connects to an MTA the client will use the server's
public key, and the server will need its private key to receive
the plain text of the message, or am I mistaken ?

OK, exim will (probably) know which certificate to use when it
opens the listening socket, so will have root and be able to
read the private key.